generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Various cleanups and fixed by Marc and Ralf to start the OpenTLS project

Browse Source
This commit is contained in:
Ralf S. Engelschall 1998-12-22 15:04:48 +00:00
parent 31b8d86844
commit 651d0aff98
140 changed files with 1266 additions and 4983 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
CHANGES Normal file
View File

@ -0,0 +1,144 @@
OpenTLS CHANGES
_______________
Changes between 0.9.01b and 0.9.1c
*) Updated the README file.
[Ralf S. Engelschall]
*) Added various .cvsignore files in the CVS repository subdirs
to make a "cvs update" really silent.
[Ralf S. Engelschall]
*) Recompiled the error-definition header files and added
missing symbols to the Win32 linker tables.
[Ralf S. Engelschall]
*) Cleaned up the top-level documents;
o new files: CHANGES and LICENSE
o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay
o merged COPYRIGHT into LICENSE
o removed obsolete TODO file
o renamed MICROSOFT to INSTALL.W32
[Ralf S. Engelschall]
*) Removed dummy files from the 0.9.1b source tree:
crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
[Ralf S. Engelschall]
*) Added various platform portability fixed.
[Marc J. Cox]
*) The Genesis of the OpenTLS rpject:
We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
Joung and Tim J. Hudson created while they were working for C2Net until
summer 1998.
[The OpenTLS Project]
Changes between 0.9.0b and 0.9.1b
*) Updated a few CA certificates under certs/
[Eric A. Young]
*) Changed some BIGNUM api stuff.
[Eric A. Young]
*) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD,
DGUX x86, Linux Alpha, etc.
[Eric A. Young]
*) New COMP library [crypto/comp/] for SSL Record Layer Compression:
RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
available).
[Eric A. Young]
*) Add -strparse option to asn1pars program which parses nested
binary structures
[Dr Stephen Henson <shenson@bigfoot.com>]
*) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
[Eric A. Young]
*) DSA fix for "ca" program.
[Eric A. Young]
*) Added "-genkey" option to "dsaparam" program.
[Eric A. Young]
*) Added RIPE MD160 (rmd160) message digest.
[Eric A. Young]
*) Added -a (all) option to "ssleay version" command.
[Eric A. Young]
*) Added PLATFORM define which is the id given to Configure.
[Eric A. Young]
*) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
[Eric A. Young]
*) Extended the ASN.1 parser routines.
[Eric A. Young]
*) Extended BIO routines to support REUSEADDR, seek, tell, etc.
[Eric A. Young]
*) Added a BN_CTX to the BN library.
[Eric A. Young]
*) Fixed the weak key values in DES library
[Eric A. Young]
*) Changed API in EVP library for cipher aliases.
[Eric A. Young]
*) Added support for RC2/64bit cipher.
[Eric A. Young]
*) Converted the lhash library to the crypto/mem.c functions.
[Eric A. Young]
*) Added more recognized ASN.1 object ids.
[Eric A. Young]
*) Added more RSA padding checks for SSL/TLS.
[Eric A. Young]
*) Added BIO proxy/filter functionality.
[Eric A. Young]
*) Added extra_certs to SSL_CTX which can be used
send extra CA certificates to the client in the CA cert chain sending
process. It can be configured with SSL_CTX_add_extra_chain_cert().
[Eric A. Young]
*) Now Fortezza is denied in the authentication phase because
this is key exchange mechanism is not supported by SSLeay at all.
[Eric A. Young]
*) Additional PKCS1 checks.
[Eric A. Young]
*) Support the string "TLSv1" for all TLS v1 ciphers.
[Eric A. Young]
*) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
ex_data index of the SSL context in the X509_STORE_CTX ex_data.
[Eric A. Young]
*) Fixed a few memory leaks.
[Eric A. Young]
*) Fixed various code and comment typos.
[Eric A. Young]
*) A minor bug in ssl/s3_clnt.c where there would always be 4 0
bytes sent in the client random.
[Edward Bishop <ebishop@spyglass.com>]

549
HISTORY.066 → CHANGES.SSLeay
View File

@ -1,4 +1,527 @@
SSLeay 0.6.5
SSLeay CHANGES
______________
Changes between 0.8.x and 0.9.0b
10-Apr-1998
I said the next version would go out at easter, and so it shall.
I expect a 0.9.1 will follow with portability fixes in the next few weeks.
This is a quick, meet the deadline. Look to ssl-users for comments on what
is new etc.
eric (about to go bushwalking for the 4 day easter break :-)
16-Mar-98
- Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
- Lots and lots of changes
29-Jan-98
- ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
Goetz Babin-Ebell <babinebell@trustcenter.de>.
- SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
TLS1_VERSION.
7-Jan-98
- Finally reworked the cipher string to ciphers again, so it
works correctly
- All the app_data stuff is now ex_data with funcion calls to access.
The index is supplied by a function and 'methods' can be setup
for the types that are called on XXX_new/XXX_free. This lets
applications get notified on creation and destruction. Some of
the RSA methods could be implemented this way and I may do so.
- Oh yes, SSL under perl5 is working at the basic level.
15-Dec-97
- Warning - the gethostbyname cache is not fully thread safe,
but it should work well enough.
- Major internal reworking of the app_data stuff. More functions
but if you were accessing ->app_data directly, things will
stop working.
- The perlv5 stuff is working. Currently on message digests,
ciphers and the bignum library.
9-Dec-97
- Modified re-negotiation so that server initated re-neg
will cause a SSL_read() to return -1 should retry.
The danger otherwise was that the server and the
client could end up both trying to read when using non-blocking
sockets.
4-Dec-97
- Lots of small changes
- Fix for binaray mode in Windows for the FILE BIO, thanks to
Bob Denny <rdenny@dc3.com>
17-Nov-97
- Quite a few internal cleanups, (removal of errno, and using macros
defined in e_os.h).
- A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
the automactic naming out output files was being stuffed up.
29-Oct-97
- The Cast5 cipher has been added. MD5 and SHA-1 are now in assember
for x86.
21-Oct-97
- Fixed a bug in the BIO_gethostbyname() cache.
15-Oct-97
- cbc mode for blowfish/des/3des is now in assember. Blowfish asm
has also been improved. At this point in time, on the pentium,
md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
is %62 faster.
12-Oct-97
- MEM_BUF_grow() has been fixed so that it always sets the buf->length
to the value we are 'growing' to. Think of MEM_BUF_grow() as the
way to set the length value correctly.
10-Oct-97
- I now hash for certificate lookup on the raw DER encoded RDN (md5).
This breaks things again :-(. This is efficent since I cache
the DER encoding of the RDN.
- The text DN now puts in the numeric OID instead of UNKNOWN.
- req can now process arbitary OIDs in the config file.
- I've been implementing md5 in x86 asm, much faster :-).
- Started sha1 in x86 asm, needs more work.
- Quite a few speedups in the BN stuff. RSA public operation
has been made faster by caching the BN_MONT_CTX structure.
The calulating of the Ai where A*Ai === 1 mod m was rather
expensive. Basically a 40-50% speedup on public operations.
The RSA speedup is now 15% on pentiums and %20 on pentium
pro.
30-Sep-97
- After doing some profiling, I added x86 adm for bn_add_words(),
which just adds 2 arrays of longs together. A %10 speedup
for 512 and 1024 bit RSA on the pentium pro.
29-Sep-97
- Converted the x86 bignum assembler to us the perl scripts
for generation.
23-Sep-97
- If SSL_set_session() is passed a NULL session, it now clears the
current session-id.
22-Sep-97
- Added a '-ss_cert file' to apps/ca.c. This will sign selfsigned
certificates.
- Bug in crypto/evp/encode.c where by decoding of 65 base64
encoded lines, one line at a time (via a memory BIO) would report
EOF after the first line was decoded.
- Fix in X509_find_by_issuer_and_serial() from
Dr Stephen Henson <shenson@bigfoot.com>
19-Sep-97
- NO_FP_API and NO_STDIO added.
- Put in sh config command. It auto runs Configure with the correct
parameters.
18-Sep-97
- Fix x509.c so if a DSA cert has different parameters to its parent,
they are left in place. Not tested yet.
16-Sep-97
- ssl_create_cipher_list() had some bugs, fixes from
Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
- Fixed a bug in the Base64 BIO, where it would return 1 instead
of -1 when end of input was encountered but should retry.
Basically a Base64/Memory BIO interaction problem.
- Added a HMAC set of functions in preporarion for TLS work.
15-Sep-97
- Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
- Prime generation spead up %25 (512 bit prime, pentium pro linux)
by using montgomery multiplication in the prime number test.
11-Sep-97
- Ugly bug in ssl3_write_bytes(). Basically if application land
does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
did not check the size and tried to copy the entire buffer.
This would tend to cause memory overwrites since SSLv3 has
a maximum packet size of 16k. If your program uses
buffers <= 16k, you would probably never see this problem.
- Fixed a new errors that were cause by malloc() not returning
0 initialised memory..
- SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
since this flags stops SSLeay being able to handle client
cert requests correctly.
08-Sep-97
- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added. When switched
on, the SSL server routines will not use a SSL_SESSION that is
held in it's cache. This in intended to be used with the session-id
callbacks so that while the session-ids are still stored in the
cache, the decision to use them and how to look them up can be
done by the callbacks. The are the 'new', 'get' and 'remove'
callbacks. This can be used to determine the session-id
to use depending on information like which port/host the connection
is coming from. Since the are also SSL_SESSION_set_app_data() and
SSL_SESSION_get_app_data() functions, the application can hold
information against the session-id as well.
03-Sep-97
- Added lookup of CRLs to the by_dir method,
X509_load_crl_file() also added. Basically it means you can
lookup CRLs via the same system used to lookup certificates.
- Changed things so that the X509_NAME structure can contain
ASN.1 BIT_STRINGS which is required for the unique
identifier OID.
- Fixed some problems with the auto flushing of the session-id
cache. It was not occuring on the server side.
02-Sep-97
- Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
which is the maximum number of entries allowed in the
session-id cache. This is enforced with a simple FIFO list.
The default size is 20*1024 entries which is rather large :-).
The Timeout code is still always operating.
01-Sep-97
- Added an argument to all the 'generate private key/prime`
callbacks. It is the last parameter so this should not
break existing code but it is needed for C++.
- Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
BIO. This lets the BIO read and write base64 encoded data
without inserting or looking for '\n' characters. The '-A'
flag turns this on when using apps/enc.c.
- RSA_NO_PADDING added to help BSAFE functionality. This is a
very dangerous thing to use, since RSA private key
operations without random padding bytes (as PKCS#1 adds) can
be attacked such that the private key can be revealed.
- ASN.1 bug and rc2-40-cbc and rc4-40 added by
Dr Stephen Henson <shenson@bigfoot.com>
31-Aug-97 (stuff added while I was away)
- Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
- RSA_flags() added allowing bypass of pub/priv match check
in ssl/ssl_rsa.c - Tim Hudson.
- A few minor bugs.
SSLeay 0.8.1 released.
19-Jul-97
- Server side initated dynamic renegotiation is broken. I will fix
it when I get back from holidays.
15-Jul-97
- Quite a few small changes.
- INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
09-Jul-97
- Added 2 new values to the SSL info callback.
SSL_CB_START which is passed when the SSL protocol is started
and SSL_CB_DONE when it has finished sucsessfully.
08-Jul-97
- Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
that related to DSA public/private keys.
- Added all the relevent PEM and normal IO functions to support
reading and writing RSAPublic keys.
- Changed makefiles to use ${AR} instead of 'ar r'
07-Jul-97
- Error in ERR_remove_state() that would leave a dangling reference
to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
- s_client now prints the X509_NAMEs passed from the server
when requesting a client cert.
- Added a ssl->type, which is one of SSL_ST_CONNECT or
SSL_ST_ACCEPT. I had to add it so I could tell if I was
a connect or an accept after the handshake had finished.
- SSL_get_client_CA_list(SSL *s) now returns the CA names
passed by the server if called by a client side SSL.
05-Jul-97
- Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
0, not -1 :-( Fix from Tim Hudson (tjh@cryptsoft.com).
04-Jul-97
- Fixed some things in X509_NAME_add_entry(), thanks to
Matthew Donald <matthew@world.net>.
- I had a look at the cipher section and though that it was a
bit confused, so I've changed it.
- I was not setting up the RC4-64-MD5 cipher correctly. It is
a MS special that appears in exported MS Money.
- Error in all my DH ciphers. Section 7.6.7.3 of the SSLv3
spec. I was missing the two byte length header for the
ClientDiffieHellmanPublic value. This is a packet sent from
the client to the server. The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
option will enable SSLeay server side SSLv3 accept either
the correct or my 080 packet format.
- Fixed a few typos in crypto/pem.org.
02-Jul-97
- Alias mapping for EVP_get_(digest|cipher)byname is now
performed before a lookup for actual cipher. This means
that an alias can be used to 're-direct' a cipher or a
digest.
- ASN1_read_bio() had a bug that only showed up when using a
memory BIO. When EOF is reached in the memory BIO, it is
reported as a -1 with BIO_should_retry() set to true.
01-Jul-97
- Fixed an error in X509_verify_cert() caused by my
miss-understanding how 'do { contine } while(0);' works.
Thanks to Emil Sit <sit@mit.edu> for educating me :-)
30-Jun-97
- Base64 decoding error. If the last data line did not end with
a '=', sometimes extra data would be returned.
- Another 'cut and paste' bug in x509.c related to setting up the
STDout BIO.
27-Jun-97
- apps/ciphers.c was not printing due to an editing error.
- Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
a library build error in util/mk1mf.pl
26-Jun-97
- Still did not have the auto 'experimental' code removal
script correct.
- A few header tweaks for Watcom 11.0 under Win32 from
Rolf Lindemann <Lindemann@maz-hh.de>
- 0 length OCTET_STRING bug in asn1_parse
- A minor fix with an non-existent function in the MS .def files.
- A few changes to the PKCS7 stuff.
25-Jun-97
SSLeay 0.8.0 finally it gets released.
24-Jun-97
Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
use a temporary RSA key. This is experimental and needs some more work.
Fixed a few Win16 build problems.
23-Jun-97
SSLv3 bug. I was not doing the 'lookup' of the CERT structure
correctly. I was taking the SSL->ctx->default_cert when I should
have been using SSL->cert. The bug was in ssl/s3_srvr.c
20-Jun-97
X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
rest of the library. Even though I had the code required to do
it correctly, apps/req.c was doing the wrong thing. I have fixed
and tested everything.
Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
19-Jun-97
Fixed a bug in the SSLv2 server side first packet handling. When
using the non-blocking test BIO, the ssl->s2->first_packet flag
was being reset when a would-block failure occurred when reading
the first 5 bytes of the first packet. This caused the checking
logic to run at the wrong time and cause an error.
Fixed a problem with specifying cipher. If RC4-MD5 were used,
only the SSLv3 version would be picked up. Now this will pick
up both SSLv2 and SSLv3 versions. This required changing the
SSL_CIPHER->mask values so that they only mask the ciphers,
digests, authentication, export type and key-exchange algorithms.
I found that when a SSLv23 session is established, a reused
session, of type SSLv3 was attempting to write the SSLv2
ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char
method has been modified so it will only write out cipher which
that method knows about.
Changes between 0.8.0 and 0.8.1
*) Mostly bug fixes.
There is an Ephemeral DH cipher problem which is fixed.
SSLeay 0.8.0
This version of SSLeay has quite a lot of things different from the
previous version.
Basically check all callback parameters, I will be producing documentation
about how to use things in th future. Currently I'm just getting 080 out
the door. Please not that there are several ways to do everything, and
most of the applications in the apps directory are hybrids, some using old
methods and some using new methods.
Have a look in demos/bio for some very simple programs and
apps/s_client.c and apps/s_server.c for some more advanced versions.
Notes are definitly needed but they are a week or so away.
Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
---
Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
get those people that want to move to using the new code base off to
a quick start.
Note that Eric has tidied up a lot of the areas of the API that were
less than desirable and renamed quite a few things (as he had to break
the API in lots of places anyrate). There are a whole pile of additional
functions for making dealing with (and creating) certificates a lot
cleaner.
01-Jul-97
Tim Hudson
tjh@cryptsoft.com
---8<---
To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
use something like the following (assuming you #include "crypto.h" which
is something that you really should be doing).
#if SSLEAY_VERSION_NUMBER >= 0x0800
#define SSLEAY8
#endif
buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
too if you are working with BIO internal stuff (as distinct
from simply using the interface in an opaque manner)
#include "bio.h" - required along with "buffer.h" if you write
your own BIO routines as the buffer and bio
stuff that was intermixed has been separated
out
envelope.h -> evp.h (which should have been done ages ago)
Initialisation ... don't forget these or you end up with code that
is missing the bits required to do useful things (like ciphers):
SSLeay_add_ssl_algorithms()
(probably also want SSL_load_error_strings() too but you should have
already had that call in place)
SSL_CTX_new() - requires an extra method parameter
SSL_CTX_new(SSLv23_method())
SSL_CTX_new(SSLv2_method())
SSL_CTX_new(SSLv3_method())
OR to only have the server or the client code
SSL_CTX_new(SSLv23_server_method())
SSL_CTX_new(SSLv2_server_method())
SSL_CTX_new(SSLv3_server_method())
or
SSL_CTX_new(SSLv23_client_method())
SSL_CTX_new(SSLv2_client_method())
SSL_CTX_new(SSLv3_client_method())
SSL_set_default_verify_paths() ... renamed to the more appropriate
SSL_CTX_set_default_verify_paths()
If you want to use client certificates then you have to add in a bit
of extra stuff in that a SSLv3 server sends a list of those CAs that
it will accept certificates from ... so you have to provide a list to
SSLeay otherwise certain browsers will not send client certs.
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
X509_NAME_oneline(X) -> X509_NAME_oneline(X,NULL,0)
or provide a buffer and size to copy the
result into
X509_add_cert -> X509_STORE_add_cert (and you might want to read the
notes on X509_NAME structure changes too)
VERIFICATION CODE
=================
The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
more accurately reflect things.
The verification callback args are now packaged differently so that
extra fields for verification can be added easily in future without
having to break things by adding extra parameters each release :-)
X509_cert_verify_error_string -> X509_verify_cert_error_string
BIO INTERNALS
=============
Eric has fixed things so that extra flags can be introduced in
the BIO layer in future without having to play with all the BIO
modules by adding in some macros.
The ugly stuff using
b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
becomes
BIO_clear_retry_flags(b)
b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
becomes
BIO_set_retry_read(b)
Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
OTHER THINGS
============
X509_NAME has been altered so that it isn't just a STACK ... the STACK
is now in the "entries" field ... and there are a pile of nice functions
for getting at the details in a much cleaner manner.
SSL_CTX has been altered ... "cert" is no longer a direct member of this
structure ... things are now down under "cert_store" (see x509_vfy.h) and
things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
If your code "knows" about this level of detail then it will need some
surgery.
If you depending on the incorrect spelling of a number of the error codes
then you will have to change your code as these have been fixed.
ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
has been all along so this makes things clearer.
ify_cert_error_string(ctx->error));
SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
Changes between 0.7.x and 0.8.0
*) There have been lots of changes, mostly the addition of SSLv3.
There have been many additions from people and amongst
others, C2Net has assisted greatly.
Changes between 0.7.x and 0.7.x
*) Internal development version only
SSLeay 0.6.6 13-Jan-1997
The main additions are
- assember for x86 DES improvments.
From 191,000 per second on a pentium 100, I now get 281,000. The inner
loop and the IP/FP modifications are from
Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. Many thanks for his
contribution.
- The 'DES macros' introduced in 0.6.5 now have 3 types.
DES_PTR1, DES_PTR2 and 'normal'. As per before, des_opts reports which
is best and there is a summery of mine in crypto/des/options.txt
- A few bug fixes.
- Added blowfish. It is not used by SSL but all the other stuff that
deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
There are 3 options for optimising Blowfish. BF_PTR, BF_PTR2 and 'normal'.
BF_PTR2 is pentium/x86 specific. The correct option is setup in
the 'Configure' script.
- There is now a 'get client certificate' callback which can be
'non-blocking'. If more details are required, let me know. It will
documented more in SSLv3 when I finish it.
- Bug fixes from 0.6.5 including the infamous 'ca' bug. The 'make test'
now tests the ca program.
- Lots of little things modified and tweaked.
SSLeay 0.6.5
After quite some time (3 months), the new release. I have been very busy
for the last few months and so this is mostly bug fixes and improvments.
@ -57,7 +580,7 @@ The main changes in this release
- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
- RC2 key setup is now compatable with Netscape.
- Modifed server side of SSL implementation, big performance difference when
using session-id reuse.
using session-id reuse.
0.6.3
@ -186,16 +709,16 @@ The wrappers are easy to write
function_fp(fp,x)
FILE *fp;
{
BIO *b;
int ret;
{
BIO *b;
int ret;
if ((b=BIO_new(BIO_s_file())) == NULL) error.....
BIO_set_fp(b,fp,BIO_NOCLOSE);
ret=function_bio(b,x);
BIO_free(b);
return(ret);
}
if ((b=BIO_new(BIO_s_file())) == NULL) error.....
BIO_set_fp(b,fp,BIO_NOCLOSE);
ret=function_bio(b,x);
BIO_free(b);
return(ret);
}
Remember, there are no functions that take FILE * in SSLeay when
compiled for Windows 3.1 DLL's.
@ -236,8 +759,8 @@ The list of things to read and do
dgst -d
s_client -state (this uses a callback placed in the SSL state loop and
will be used else-where to help debug/monitor what
is happening.)
will be used else-where to help debug/monitor what
is happening.)
doc/why.doc
doc/bio.doc <- hmmm, needs lots of work.

316
HISTORY
View File

@ -1,316 +0,0 @@
16-Mar-98
- Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
- Lots and lots of changes
29-Jan-98
- ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
Goetz Babin-Ebell <babinebell@trustcenter.de>.
- SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
TLS1_VERSION.
7-Jan-98
- Finally reworked the cipher string to ciphers again, so it
works correctly
- All the app_data stuff is now ex_data with funcion calls to access.
The index is supplied by a function and 'methods' can be setup
for the types that are called on XXX_new/XXX_free. This lets
applications get notified on creation and destruction. Some of
the RSA methods could be implemented this way and I may do so.
- Oh yes, SSL under perl5 is working at the basic level.
15-Dec-97
- Warning - the gethostbyname cache is not fully thread safe,
but it should work well enough.
- Major internal reworking of the app_data stuff. More functions
but if you were accessing ->app_data directly, things will
stop working.
- The perlv5 stuff is working. Currently on message digests,
ciphers and the bignum library.
9-Dec-97
- Modified re-negotiation so that server initated re-neg
will cause a SSL_read() to return -1 should retry.
The danger otherwise was that the server and the
client could end up both trying to read when using non-blocking
sockets.
4-Dec-97
- Lots of small changes
- Fix for binaray mode in Windows for the FILE BIO, thanks to
Bob Denny <rdenny@dc3.com>
17-Nov-97
- Quite a few internal cleanups, (removal of errno, and using macros
defined in e_os.h).
- A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
the automactic naming out output files was being stuffed up.
29-Oct-97
- The Cast5 cipher has been added. MD5 and SHA-1 are now in assember
for x86.
21-Oct-97
- Fixed a bug in the BIO_gethostbyname() cache.
15-Oct-97
- cbc mode for blowfish/des/3des is now in assember. Blowfish asm
has also been improved. At this point in time, on the pentium,
md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
is %62 faster.
12-Oct-97
- MEM_BUF_grow() has been fixed so that it always sets the buf->length
to the value we are 'growing' to. Think of MEM_BUF_grow() as the
way to set the length value correctly.
10-Oct-97
- I now hash for certificate lookup on the raw DER encoded RDN (md5).
This breaks things again :-(. This is efficent since I cache
the DER encoding of the RDN.
- The text DN now puts in the numeric OID instead of UNKNOWN.
- req can now process arbitary OIDs in the config file.
- I've been implementing md5 in x86 asm, much faster :-).
- Started sha1 in x86 asm, needs more work.
- Quite a few speedups in the BN stuff. RSA public operation
has been made faster by caching the BN_MONT_CTX structure.
The calulating of the Ai where A*Ai === 1 mod m was rather
expensive. Basically a 40-50% speedup on public operations.
The RSA speedup is now 15% on pentiums and %20 on pentium
pro.
30-Sep-97
- After doing some profiling, I added x86 adm for bn_add_words(),
which just adds 2 arrays of longs together. A %10 speedup
for 512 and 1024 bit RSA on the pentium pro.
29-Sep-97
- Converted the x86 bignum assembler to us the perl scripts
for generation.
23-Sep-97
- If SSL_set_session() is passed a NULL session, it now clears the
current session-id.
22-Sep-97
- Added a '-ss_cert file' to apps/ca.c. This will sign selfsigned
certificates.
- Bug in crypto/evp/encode.c where by decoding of 65 base64
encoded lines, one line at a time (via a memory BIO) would report
EOF after the first line was decoded.
- Fix in X509_find_by_issuer_and_serial() from
Dr Stephen Henson <shenson@bigfoot.com>
19-Sep-97
- NO_FP_API and NO_STDIO added.
- Put in sh config command. It auto runs Configure with the correct
parameters.
18-Sep-97
- Fix x509.c so if a DSA cert has different parameters to its parent,
they are left in place. Not tested yet.
16-Sep-97
- ssl_create_cipher_list() had some bugs, fixes from
Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
- Fixed a bug in the Base64 BIO, where it would return 1 instead
of -1 when end of input was encountered but should retry.
Basically a Base64/Memory BIO interaction problem.
- Added a HMAC set of functions in preporarion for TLS work.
15-Sep-97
- Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
- Prime generation spead up %25 (512 bit prime, pentium pro linux)
by using montgomery multiplication in the prime number test.
11-Sep-97
- Ugly bug in ssl3_write_bytes(). Basically if application land
does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
did not check the size and tried to copy the entire buffer.
This would tend to cause memory overwrites since SSLv3 has
a maximum packet size of 16k. If your program uses
buffers <= 16k, you would probably never see this problem.
- Fixed a new errors that were cause by malloc() not returning
0 initialised memory..
- SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
since this flags stops SSLeay being able to handle client
cert requests correctly.
08-Sep-97
- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added. When switched
on, the SSL server routines will not use a SSL_SESSION that is
held in it's cache. This in intended to be used with the session-id
callbacks so that while the session-ids are still stored in the
cache, the decision to use them and how to look them up can be
done by the callbacks. The are the 'new', 'get' and 'remove'
callbacks. This can be used to determine the session-id
to use depending on information like which port/host the connection
is coming from. Since the are also SSL_SESSION_set_app_data() and
SSL_SESSION_get_app_data() functions, the application can hold
information against the session-id as well.
03-Sep-97
- Added lookup of CRLs to the by_dir method,
X509_load_crl_file() also added. Basically it means you can
lookup CRLs via the same system used to lookup certificates.
- Changed things so that the X509_NAME structure can contain
ASN.1 BIT_STRINGS which is required for the unique
identifier OID.
- Fixed some problems with the auto flushing of the session-id
cache. It was not occuring on the server side.
02-Sep-97
- Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
which is the maximum number of entries allowed in the
session-id cache. This is enforced with a simple FIFO list.
The default size is 20*1024 entries which is rather large :-).
The Timeout code is still always operating.
01-Sep-97
- Added an argument to all the 'generate private key/prime`
callbacks. It is the last parameter so this should not
break existing code but it is needed for C++.
- Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
BIO. This lets the BIO read and write base64 encoded data
without inserting or looking for '\n' characters. The '-A'
flag turns this on when using apps/enc.c.
- RSA_NO_PADDING added to help BSAFE functionality. This is a
very dangerous thing to use, since RSA private key
operations without random padding bytes (as PKCS#1 adds) can
be attacked such that the private key can be revealed.
- ASN.1 bug and rc2-40-cbc and rc4-40 added by
Dr Stephen Henson <shenson@bigfoot.com>
31-Aug-97 (stuff added while I was away)
- Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
- RSA_flags() added allowing bypass of pub/priv match check
in ssl/ssl_rsa.c - Tim Hudson.
- A few minor bugs.
SSLeay 0.8.1 released.
19-Jul-97
- Server side initated dynamic renegotiation is broken. I will fix
it when I get back from holidays.
15-Jul-97
- Quite a few small changes.
- INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
09-Jul-97
- Added 2 new values to the SSL info callback.
SSL_CB_START which is passed when the SSL protocol is started
and SSL_CB_DONE when it has finished sucsessfully.
08-Jul-97
- Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
that related to DSA public/private keys.
- Added all the relevent PEM and normal IO functions to support
reading and writing RSAPublic keys.
- Changed makefiles to use ${AR} instead of 'ar r'
07-Jul-97
- Error in ERR_remove_state() that would leave a dangling reference
to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
- s_client now prints the X509_NAMEs passed from the server
when requesting a client cert.
- Added a ssl->type, which is one of SSL_ST_CONNECT or
SSL_ST_ACCEPT. I had to add it so I could tell if I was
a connect or an accept after the handshake had finished.
- SSL_get_client_CA_list(SSL *s) now returns the CA names
passed by the server if called by a client side SSL.
05-Jul-97
- Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
0, not -1 :-( Fix from Tim Hudson (tjh@cryptsoft.com).
04-Jul-97
- Fixed some things in X509_NAME_add_entry(), thanks to
Matthew Donald <matthew@world.net>.
- I had a look at the cipher section and though that it was a
bit confused, so I've changed it.
- I was not setting up the RC4-64-MD5 cipher correctly. It is
a MS special that appears in exported MS Money.
- Error in all my DH ciphers. Section 7.6.7.3 of the SSLv3
spec. I was missing the two byte length header for the
ClientDiffieHellmanPublic value. This is a packet sent from
the client to the server. The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
option will enable SSLeay server side SSLv3 accept either
the correct or my 080 packet format.
- Fixed a few typos in crypto/pem.org.
02-Jul-97
- Alias mapping for EVP_get_(digest|cipher)byname is now
performed before a lookup for actual cipher. This means
that an alias can be used to 're-direct' a cipher or a
digest.
- ASN1_read_bio() had a bug that only showed up when using a
memory BIO. When EOF is reached in the memory BIO, it is
reported as a -1 with BIO_should_retry() set to true.
01-Jul-97
- Fixed an error in X509_verify_cert() caused by my
miss-understanding how 'do { contine } while(0);' works.
Thanks to Emil Sit <sit@mit.edu> for educating me :-)
30-Jun-97
- Base64 decoding error. If the last data line did not end with
a '=', sometimes extra data would be returned.
- Another 'cut and paste' bug in x509.c related to setting up the
STDout BIO.
27-Jun-97
- apps/ciphers.c was not printing due to an editing error.
- Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
a library build error in util/mk1mf.pl
26-Jun-97
- Still did not have the auto 'experimental' code removal
script correct.
- A few header tweaks for Watcom 11.0 under Win32 from
Rolf Lindemann <Lindemann@maz-hh.de>
- 0 length OCTET_STRING bug in asn1_parse
- A minor fix with an non-existent function in the MS .def files.
- A few changes to the PKCS7 stuff.
25-Jun-97
SSLeay 0.8.0 finally it gets released.
24-Jun-97
Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
use a temporary RSA key. This is experimental and needs some more work.
Fixed a few Win16 build problems.
23-Jun-97
SSLv3 bug. I was not doing the 'lookup' of the CERT structure
correctly. I was taking the SSL->ctx->default_cert when I should
have been using SSL->cert. The bug was in ssl/s3_srvr.c
20-Jun-97
X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
rest of the library. Even though I had the code required to do
it correctly, apps/req.c was doing the wrong thing. I have fixed
and tested everything.
Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
19-Jun-97
Fixed a bug in the SSLv2 server side first packet handling. When
using the non-blocking test BIO, the ssl->s2->first_packet flag
was being reset when a would-block failure occurred when reading
the first 5 bytes of the first packet. This caused the checking
logic to run at the wrong time and cause an error.
Fixed a problem with specifying cipher. If RC4-MD5 were used,
only the SSLv3 version would be picked up. Now this will pick
up both SSLv2 and SSLv3 versions. This required changing the
SSL_CIPHER->mask values so that they only mask the ciphers,
digests, authentication, export type and key-exchange algorithms.
I found that when a SSLv23 session is established, a reused
session, of type SSLv3 was attempting to write the SSLv2
ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char
method has been modified so it will only write out cipher which
that method knows about.

7
HISTORY.090
View File

@ -1,7 +0,0 @@
- A minor bug in ssl/s3_clnt.c where there would always be 4 0 bytes
sent in the client random, thanks to
Edward Bishop <ebishop@spyglass.com>
- Changed some BIGNUM api stuff.
- I Deleted the HISTORY.090 I was working on and when I found out, it was
permanently gone :-(

0
MICROSOFT → INSTALL.W32
View File

59
COPYRIGHT → LICENSE
View File

@ -1,3 +1,62 @@
/* ====================================================================
* Copyright (c) 1998 The OpenTLS Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenTLS Project
* for use in the OpenTLS Toolkit. (http://www.opentls.org/)"
*
* 4. The names "OpenTLS Toolkit" and "OpenTLS Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@opentls.org.
*
* 5. Products derived from this software may not be called "OpenTLS"
* nor may "OpenTLS" appear in their names without prior written
* permission of the OpenTLS Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenTLS Project
* for use in the OpenTLS Toolkit (http://www.opentls.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OPENTLS PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENTLS PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric A. Young
* (eay@cryptsoft.com). This product includes software written by Tim J.
* Hudson (tjh@cryptsoft.com).
*/
__________________________________________________________________________
Old SSLeay License
__________________________________________________________________________
Copyright (C) 1997 Eric Young (eay@cryptsoft.com)
All rights reserved.

74
MINFO
View File

@ -1,11 +1,11 @@
RELATIVE_DIRECTORY=.
AR=ar r
BASENAME=SSLeay
BASENAME=opentls
BF_ENC=bf_enc.o
BN_ASM=bn_asm.o
CAST_ENC=c_enc.o
CC=cl
CFLAG=
CC=cc
CFLAG=-O -DNOPROTO
DES_ENC=des_enc.o fcrypt_b.o
DIRS=crypto ssl rsaref apps test tools
EDIRS=times doc bugs util include certs ms shlib mt demos perl sf dep
@ -20,22 +20,21 @@ MAKEFILE=Makefile.ssl
MAN1=1
MAN3=3
MD5_ASM_OBJ=
MISC=COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
NAME=SSLeay-0.9.1b
NAME=opentls-0.9.1c
ONEDIRS=out tmp
PEX_LIBS=-L. -L.. -L../.. -L../../..
PLATFORM=VC-WIN32
PLATFORM=dist
RC4_ENC=rc4_enc.o
RC5_ENC=rc5_enc.o
RMD160_ASM_OBJ=
SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 proxy comp
SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 comp
SHA1_ASM_OBJ=
SHELL=/bin/sh
TARFILE=SSLeay-0.9.1b.tar
TARFILE=opentls-0.9.1c.tar
TOP=.
VERSION=0.9.1b
VERSION=0.9.1c
WDIRS=windows
WTARFILE=SSLeay-0.9.1b-win.tar
WTARFILE=opentls-0.9.1c-win.tar
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto
ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h tmdiff.h
@ -62,7 +61,7 @@ MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
PEX_LIBS=
RM=/bin/rm -f
SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 proxy comp
SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 comp
SRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c
TOP=..
RELATIVE_DIRECTORY=
@ -506,7 +505,7 @@ TEST=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/bio
ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c bio.h bss_file.c
ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
APPS=
AR=ar r
CC=cc
@ -521,12 +520,12 @@ HEADER=bio.h bss_file.c
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o bss_cs4a.o
LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
@ -821,31 +820,6 @@ SRC=pk7_lib.c pkcs7err.c pk7_doit.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/proxy
ALL=Makefile proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c proxy.h
APPS=
AR=ar r
CC=cc
CFLAG=-g
CFLAGS=-I.. -I../../include -g
DIR=proxy
ERR=proxy
ERRC=pxy_err
EXHEADER=proxy.h
GENERAL=Makefile
HEADER=proxy.h
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
LIBOBJ=proxy.o pxy_txt.o bf_proxy.o pxy_conf.o pxy_err.o
LIBSRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
SRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/comp
ALL=Makefile comp_lib.c c_rle.c c_zlib.c comp.h
APPS=
@ -872,7 +846,7 @@ TEST=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=ssl
ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
APPS=
AR=ar r
CC=cc
@ -887,12 +861,12 @@ HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
INCLUDES=-I../crypto -I../include
INSTALLTOP=/usr/local/ssl
LIB=../libssl.a
LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o pxy_ssl.o ssl_err.o
LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
TEST=ssltest.c
TOP=..
RELATIVE_DIRECTORY=
@ -922,7 +896,7 @@ TEST=
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=apps
ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
A_OBJ=apps.o
A_SRC=apps.c
CC=cc
@ -935,8 +909,8 @@ EXE=ssleay
EXHEADER=
EX_LIBS=
E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o s_ speed.o s_time.o apps.o s_cb.o s_socket.o bf_perm.o version.o sess_id.o ciphers.o
E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
GENERAL=Makefile
HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h
INCLUDES=-I../include
@ -950,10 +924,10 @@ PEX_LIBS=
PROGS=ssleay.c
RM=/bin/rm -f
SCRIPTS=CA.sh der_chop
SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
SSLEAY=ssleay
S_OBJ=s_cb.o s_socket.o bf_perm.o
S_SRC=s_cb.c s_socket.c bf_perm.c
S_OBJ=s_cb.o s_socket.o
S_SRC=s_cb.c s_socket.c
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=test

34
Makefile.ssl
View File

@ -1,7 +1,7 @@
#
# Makefile for all the SSL related library routines and utilities
VERSION = 0.9.1b
PLATFORM=debug
VERSION = 0.9.1c
PLATFORM=dist
#
# make install will install:
# libraries into $INSTALLTOP/lib
@ -62,11 +62,11 @@ PLATFORM=debug
# equal 4.
# PKCS1_CHECK - pkcs1 tests.
CC= gcc
CC= cc
#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
CFLAG= -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
CFLAG= -O -DNOPROTO
PEX_LIBS= -L. -L.. -L../.. -L../../..
EX_LIBS= -lefence
EX_LIBS=
AR=ar r
# Set BN_ASM to bn_asm.o if you want to use the C version
@ -173,16 +173,11 @@ SHELL=/bin/sh
TOP= .
ONEDIRS=out tmp
EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep
MISC= COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl \
Makefile \
README TODO HISTORY README.066 README.080 README.090 \
VERSION PROBLEMS MINFO makefile.one e_os.h \
MICROSOFT makevms.com config PATENTS
WDIRS= windows
LIBS= libcrypto.a libssl.a
GENERAL= Makefile
BASENAME= SSLeay
BASENAME= opentls
NAME= $(BASENAME)-$(VERSION)
TARFILE= $(NAME).tar
WTARFILE= $(NAME)-win.tar
@ -292,16 +287,13 @@ errors:
done;
tar:
@(cd ..;\
mv $(BASENAME) $(NAME); \
export STUFF; \
for i in $(MISC) $(DIRS) $(EDIRS) $(ONEDIRS) ;\
do \
STUFF="$$STUFF $(NAME)/$$i"; \
done; \
tar cf $(NAME)/$(TARFILE) $$STUFF; \
mv $(NAME) $(BASENAME) )
gzip -f $(TARFILE)
@gtar --no-recursion -cvf - \
`find * -depth -print | grep -v CVS | grep -v .cvsignore | sort` |\
tardy --user_number=0 --user_name=rse \
--group_number=0 --group_name=opentls \
--prefix=opentls-$(VERSION) - |\
gzip --best >../$(TARFILE).gz; \
ls -l ../$(TARFILE).gz
dist:
perl Configure dist

254
README
View File

@ -1,173 +1,119 @@
SSLeay 0.9.1a 06-Jul-1998
Copyright (c) 1997, Eric Young
All rights reserved.
This directory contains Eric Young's (eay@cryptsoft.com) implementation
of SSL and supporting libraries.
OpenTLS 0.9.1c 22-Dec-1998
The current version of this library is available from
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
Copyright (c) 1998 The OpenTLS Project
Copyright (c) 1995-1998 Eric Young
All rights reserved.
There are patches to a number of internet applications which can be found in
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
The OpenTLS Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit implementing the
Transport Layer Security (TLS v1) and Secure Sockets Layer (SSL v2/v3)
protocols with full-strength cryptography world-wide. The project is managed
by a worldwide community of volunteers that use the Internet to communicate,
plan, and develop the OpenTLS tookit and its related documentation.
A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com>
can be found at
http://www.psy.uq.oz.au/~ftp/Crypto
OpenTLS is based on the excellent SSLeay library developed from Eric A. Young
and Tim J. Hudson. The OpenTLS toolkit is licensed under a BSD-style licence,
which basically means that you are free to get and use it for commercial and
non-commercial purposes.
Additional documentation is being slowly written by Eric Young, and is being
added to http://www.cryptsoft.com/ssleay/doc. It will normally also be
available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay
The package includes:
This Library and programs are FREE for commercial and non-commercial
usage. The only restriction is that I must be attributed with the
development of this code. See the COPYRIGHT file for more details.
Donations would still be accepted :-).
libssl.a:
Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
both SSLv2, SSLv3 and TLSv1 in the one server.
THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6
libcrypto.a:
General encryption and X.509 stuff needed by TLS/SSL but not actually
logically part of it. It includes routines for the following:
The package includes
Ciphers
libdes - EAY's libdes DES encryption package which has been floating
around the net for a few years. It includes 15
'modes/variations' of DES (1, 2 and 3 key versions of ecb,
cbc, cfb and ofb; pcbc and a more general form of cfb and
ofb) including desx in cbc mode, a fast crypt(3), and
routines to read passwords from the keyboard.
RC4 encryption,
RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb.
Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb.
libssl.a:
My implementation of SSLv2, SSLv3 and the required code to support
both SSLv2 and SSLv3 in the one server.
Digests
MD5 and MD2 message digest algorithms, fast implementations,
SHA (SHA-0) and SHA-1 message digest algorithms,
MDC2 message digest. A DES based hash that is polular on smart cards.
libcrypto.a:
General encryption and X509 stuff needed by SSL but not
actually logically part of it. It includes routines for the following:
Public Key
RSA encryption/decryption/generation.
There is no limit on the number of bits.
DSA encryption/decryption/generation.
There is no limit on the number of bits.
Diffie-Hellman key-exchange/key generation.
There is no limit on the number of bits.
Ciphers
libdes - My libdes DES encryption package which has been floating
around the net for a few years. It includes 15
'modes/variations' of DES (1, 2 and 3 key versions of ecb,
cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
including desx in cbc mode,
a fast crypt(3), and routines to read passwords from the
keyboard.
RC4 encryption,
RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb.
Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb.
X.509v3 certificates
X509 encoding/decoding into/from binary ASN1 and a PEM
based ascii-binary encoding which supports encryption with a
private key. Program to generate RSA and DSA certificate
requests and to generate RSA and DSA certificates.
Digests
MD5 and MD2 message digest algorithms, fast implementations,
SHA (SHA-0) and SHA-1 message digest algorithms,
MDC2 message digest. A DES based hash that is polular on smart cards.
Systems
The normal digital envelope routines and base64 encoding. Higher
level access to ciphers and digests by name. New ciphers can be
loaded at run time. The BIO io system which is a simple non-blocking
IO abstraction. Current methods supported are file descriptors,
sockets, socket accept, socket connect, memory buffer, buffering, SSL
client/server, file pointer, encryption, digest, non-blocking testing
and null.
Public Key
RSA encryption/decryption/generation. There is no limit
on the number of bits.
DSA encryption/decryption/generation. There is no limit on the
number of bits.
Diffie-Hellman key-exchange/key generation. There is no limit
on the number of bits.
Data structures
A dynamically growing hashing system
A simple stack.
A Configuration loader that uses a format similar to MS .ini files.
X509v3 certificates
X509 encoding/decoding into/from binary ASN1 and a PEM
based ascii-binary encoding which supports encryption with
a private key.
Program to generate RSA and DSA certificate requests and to
generate RSA and DSA certificates.
Systems
The normal digital envelope routines and base64 encoding.
Higher level access to ciphers and digests by name. New ciphers can be
loaded at run time.
The BIO io system which is a simple non-blocking IO abstraction.
Current methods supported are file descriptors, sockets,
socket accept, socket connect, memory buffer, buffering,
SSL client/server, file pointer, encryption, digest,
non-blocking testing and null.
Data structures
A dynamically growing hashing system
A simple stack.
A Configuration loader that uses a format similar to MS .ini files.
Programs in this package include
enc - a general encryption program that can encrypt/decrypt using
one of 17 different cipher/mode combinations. The
input/output can also be converted to/from base64
ascii encoding.
dgst - a generate message digesting program that will generate
message digests for any of md2, md5, sha (sha-0 or sha-1)
or mdc2.
asn1parse - parse and display the structure of an asn1 encoded
binary file.
rsa - Manipulate RSA private keys.
dsa - Manipulate DSA private keys.
dh - Manipulate Diffie-Hellman parameter files.
dsaparam- Manipulate and generate DSA parameter files.
crl - Manipulate certificate revocation lists.
crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
x509 - Manipulate x509 certificates, self-sign certificates.
req - Manipulate PKCS#10 certificate requests and also
generate certificate requests.
genrsa - Generates an arbitrary sized RSA private key.
gendh - Generates a set of Diffie-Hellman parameters, the prime
will be a strong prime.
ca - Create certificates from PKCS#10 certificate requests.
This program also maintains a database of certificates
issued.
verify - Check x509 certificate signatures.
speed - Benchmark SSLeay's ciphers.
s_server- A test SSL server.
s_client- A test SSL client.
s_time - Benchmark SSL performance of SSL server programs.
errstr - Convert from SSLeay hex error codes to a readable form.
Documents avaliable are
A Postscript and html reference manual
(written by Tim Hudson tjh@cryptsoft.com).
A list of text protocol references I used.
An initial version of the library manual.
Programs in this package include:
enc - a general encryption program that can encrypt/decrypt using
one of 17 different cipher/mode combinations. The
input/output can also be converted to/from base64
ascii encoding.
dgst - a generate message digesting program that will generate
message digests for any of md2, md5, sha (sha-0 or sha-1)
or mdc2.
asn1parse - parse and display the structure of an asn1 encoded
binary file.
rsa - Manipulate RSA private keys.
dsa - Manipulate DSA private keys.
dh - Manipulate Diffie-Hellman parameter files.
dsaparam- Manipulate and generate DSA parameter files.
crl - Manipulate certificate revocation lists.
crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
x509 - Manipulate x509 certificates, self-sign certificates.
req - Manipulate PKCS#10 certificate requests and also
generate certificate requests.
genrsa - Generates an arbitrary sized RSA private key.
gendh - Generates a set of Diffie-Hellman parameters, the prime
will be a strong prime.
ca - Create certificates from PKCS#10 certificate requests.
This program also maintains a database of certificates
issued.
verify - Check x509 certificate signatures.
speed - Benchmark SSLeay's ciphers.
s_server- A test SSL server.
s_client- A test SSL client.
s_time - Benchmark SSL performance of SSL server programs.
errstr - Convert from SSLeay hex error codes to a readable form.
To install this package, read the INSTALL file.
For the Microsoft word, read MICROSOFT
This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22.
For the Microsoft world, read INSTALL.W32 file.
Multithreading has been tested under Windows NT and Solaris 2.5.1
For people in the USA, it is possible to compile SSLeay to use RSA Inc.'s
public key library, RSAref. From my understanding, it is claimed by RSA Inc.
to be illegal to use my public key routines inside the USA. Read
doc/rsaref.doc on how to build with RSAref.
Due to time constraints, the current release has only be rigorously tested
on Solaris 2.[45], Linux and Windows NT.
For people in the USA, it is possible to compile SSLeay to use RSA
Inc.'s public key library, RSAref. From my understanding, it is
claimed by RSA Inc. to be illegal to use my public key routines inside the USA.
Read doc/rsaref.doc on how to build with RSAref.
Read the documentation in the doc directory. It is quite rough,
but it lists the functions, you will probably have to look at
the code to work out how to used them. I will be working on
documentation. Look at the example programs.
There should be a SSL reference manual which is being put together by
Tim Hudson (tjh@cryptsoft.com) in the same location as this
distribution. This contains a lot more information that is very
useful. For a description of X509 Certificates, their use, and
certification, read rfc1421, rfc1422, rfc1423 and rfc1424. ssl/README
also goes over the mechanism.
We have setup some mailing lists for use by people that are interested
in helping develop this code and/or ask questions.
ssl-bugs@mincom.oz.au
ssl-users@mincom.oz.au
ssl-bugs-request@mincom.oz.au
ssl-users-request@mincom.oz.au
I have recently read about a new form of software, that which is in
a permanent state of beta release. Linux and Netscape are 2 good
examples of this, and I would also add SSLeay to this category.
The Current stable release is 0.6.6. It has a few minor problems.
0.8.0 is not call compatable so make sure you have the correct version
of SSLeay to link with.
eric (Jun 1997)
Eric Young (eay@cryptsoft.com)
86 Taunton St.
Annerley 4103.
Australia.
Read the documentation in the doc directory. It is quite rough, but it lists
the functions, you will probably have to look at the code to work out how to
used them. I will be working on documentation. Look at the example programs.

27
README.066
View File

@ -1,27 +0,0 @@
SSLeay 0.6.6 13-Jan-1997
The main additions are
- assember for x86 DES improvments.
From 191,000 per second on a pentium 100, I now get 281,000. The inner
loop and the IP/FP modifications are from
Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. Many thanks for his
contribution.
- The 'DES macros' introduced in 0.6.5 now have 3 types.
DES_PTR1, DES_PTR2 and 'normal'. As per before, des_opts reports which
is best and there is a summery of mine in crypto/des/options.txt
- A few bug fixes.
- Added blowfish. It is not used by SSL but all the other stuff that
deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
There are 3 options for optimising Blowfish. BF_PTR, BF_PTR2 and 'normal'.
BF_PTR2 is pentium/x86 specific. The correct option is setup in
the 'Configure' script.
- There is now a 'get client certificate' callback which can be
'non-blocking'. If more details are required, let me know. It will
documented more in SSLv3 when I finish it.
- Bug fixes from 0.6.5 including the infamous 'ca' bug. The 'make test'
now tests the ca program.
- Lots of little things modified and tweaked.
eric

147
README.080
View File

@ -1,147 +0,0 @@
This version of SSLeay has quite a lot of things different from the
previous version.
Basically check all callback parameters, I will be producing documentation
about how to use things in th future. Currently I'm just getting 080 out
the door. Please not that there are several ways to do everything, and
most of the applications in the apps directory are hybrids, some using old
methods and some using new methods.
Have a look in demos/bio for some very simple programs and
apps/s_client.c and apps/s_server.c for some more advanced versions.
Notes are definitly needed but they are a week or so away.
Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
---
Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
get those people that want to move to using the new code base off to
a quick start.
Note that Eric has tidied up a lot of the areas of the API that were
less than desirable and renamed quite a few things (as he had to break
the API in lots of places anyrate). There are a whole pile of additional
functions for making dealing with (and creating) certificates a lot
cleaner.
01-Jul-97
Tim Hudson
tjh@cryptsoft.com
---8<---
To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
use something like the following (assuming you #include "crypto.h" which
is something that you really should be doing).
#if SSLEAY_VERSION_NUMBER >= 0x0800
#define SSLEAY8
#endif
buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
too if you are working with BIO internal stuff (as distinct
from simply using the interface in an opaque manner)
#include "bio.h" - required along with "buffer.h" if you write
your own BIO routines as the buffer and bio
stuff that was intermixed has been separated
out
envelope.h -> evp.h (which should have been done ages ago)
Initialisation ... don't forget these or you end up with code that
is missing the bits required to do useful things (like ciphers):
SSLeay_add_ssl_algorithms()
(probably also want SSL_load_error_strings() too but you should have
already had that call in place)
SSL_CTX_new() - requires an extra method parameter
SSL_CTX_new(SSLv23_method())
SSL_CTX_new(SSLv2_method())
SSL_CTX_new(SSLv3_method())
OR to only have the server or the client code
SSL_CTX_new(SSLv23_server_method())
SSL_CTX_new(SSLv2_server_method())
SSL_CTX_new(SSLv3_server_method())
or
SSL_CTX_new(SSLv23_client_method())
SSL_CTX_new(SSLv2_client_method())
SSL_CTX_new(SSLv3_client_method())
SSL_set_default_verify_paths() ... renamed to the more appropriate
SSL_CTX_set_default_verify_paths()
If you want to use client certificates then you have to add in a bit
of extra stuff in that a SSLv3 server sends a list of those CAs that
it will accept certificates from ... so you have to provide a list to
SSLeay otherwise certain browsers will not send client certs.
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
X509_NAME_oneline(X) -> X509_NAME_oneline(X,NULL,0)
or provide a buffer and size to copy the
result into
X509_add_cert -> X509_STORE_add_cert (and you might want to read the
notes on X509_NAME structure changes too)
VERIFICATION CODE
=================
The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
more accurately reflect things.
The verification callback args are now packaged differently so that
extra fields for verification can be added easily in future without
having to break things by adding extra parameters each release :-)
X509_cert_verify_error_string -> X509_verify_cert_error_string
BIO INTERNALS
=============
Eric has fixed things so that extra flags can be introduced in
the BIO layer in future without having to play with all the BIO
modules by adding in some macros.
The ugly stuff using
b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
becomes
BIO_clear_retry_flags(b)
b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
becomes
BIO_set_retry_read(b)
Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
OTHER THINGS
============
X509_NAME has been altered so that it isn't just a STACK ... the STACK
is now in the "entries" field ... and there are a pile of nice functions
for getting at the details in a much cleaner manner.
SSL_CTX has been altered ... "cert" is no longer a direct member of this
structure ... things are now down under "cert_store" (see x509_vfy.h) and
things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
If your code "knows" about this level of detail then it will need some
surgery.
If you depending on the incorrect spelling of a number of the error codes
then you will have to change your code as these have been fixed.
ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
has been all along so this makes things clearer.
ify_cert_error_string(ctx->error));
SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO

8
README.090
View File

@ -1,8 +0,0 @@
10-Apr-1998
I said the next version would go out at easter, and so it shall.
I expect a 0.9.1 will follow with portability fixes in the next few weeks.
This is a quick, meet the deadline. Look to ssl-users for comments on what
is new etc.
eric (about to go bushwalking for the 4 day easter break :-)

0
PATENTS → README.PATENTS
View File

0
PROBLEMS → README.PROBLEMS
View File

28
TODO
View File

@ -1,28 +0,0 @@
- The loading of the netscape RC4 encrypted key is a crock of pig pellets.
It will be reworked along with a nice general mechanism for encrypting
ASN.1 stuff. [ Jun 96 ] I've cleaned up private keys internally but
still have not done PKCS#8 support.
- Winsock support in s_client/s_server for windows nt/3.1 is a crock.
I will probably not get this fixed for a while, it is just there so
I could test things.
- Be able to generate DSS certificates.
- Add CRL to the X509 verification stuff, this will probably be added with
SSLv3.
+ X509 callback. I need to callback the application to retrieve certificates
and CRL.
*<- designates the things I'm activly working on.
+<- designates that which I have next in the queue.
====
X509v3 extensions
verify certificate chains
X509 cert lookup methods
RSA/DSA/DH methods mostly for smart cards
dsa cert generation

24
VERSION
View File

@ -1,24 +0,0 @@
SSLeay 0.8.1
- Mostly bug fixes. There is an Ephemeral DH cipher problem which
is fixed.
SSLeay 0.8.0
- New release, for those that are wondering what happend to
0.7.x, call it our internal development version :-)
- There have been lots of changes, mostly the addition of SSLv3.
- There have been many additions from people and amongst
others, C2Net has assisted greatly.
SSLeay 0.6.6
SSLeay 0.8.0 is not upward compatable with SSLeay 0.6.6, so
if your application requires 0.6.6, use it. There have been
lots of bug fixes to 0.8.x that have not been applied to 0.6.6
so use 0.8.0+ in preference.
PORTING 0.6.6 to 0.8.0
I'll be documenting this over the next few weeks but as
pressures have been increasing for making SSLv3 support
available I'm shipping it without this documentation as I
basically have not had time to write it (too busy earning a
living :-)

1
apps/.cvsignore Normal file
View File

@ -0,0 +1 @@
ssleay

2
apps/asn1pars.c
View File

@ -57,7 +57,7 @@
*/
/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to
* add the -strparse option which parses nested binarary structures
* add the -strparse option which parses nested binary structures
*/
#include <stdio.h>

5
apps/f
View File

@ -1,5 +0,0 @@
586
2481
1400
2064

1
crypto/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/Makefile.ssl
View File

@ -54,7 +54,7 @@ top:
all: date.h lib subdirs
date.h: ../Makefile.ssl ../VERSION
date.h: ../Makefile.ssl
echo "#define DATE \"`date`\"" >date.h
subdirs:

1
crypto/asn1/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/asn1/asn1_lib.c
View File

@ -69,7 +69,7 @@ static int asn1_get_length();
static void asn1_put_length();
#endif
char *ASN1_version="ASN1 part of SSLeay 0.9.1a 06-Jul-1998";
char *ASN1_version="ASN.1 part of SSLeay 0.9.1c 22-Dec-1998";
int ASN1_check_infinite_end(p,len)
unsigned char **p;

1
crypto/bf/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/bf/bf_ecb.c
View File

@ -64,7 +64,7 @@
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
char *BF_version="BlowFish part of SSLeay 0.9.1a 06-Jul-1998";
char *BF_version="BlowFish part of SSLeay 0.9.1c 22-Dec-1998";
char *BF_options()
{

1
crypto/bio/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

23
crypto/bio/bio.err
View File

@ -19,9 +19,8 @@
#define BIO_F_CONN_STATE 115
#define BIO_F_FILE_CTRL 116
#define BIO_F_MEM_WRITE 117
#define BIO_F_SOCKS4A_STATE 118
#define BIO_F_SSL_NEW 119
#define BIO_F_WSASTARTUP 120
#define BIO_F_SSL_NEW 118
#define BIO_F_WSASTARTUP 119
/* Reason codes. */
#define BIO_R_ACCEPT_ERROR 100
@ -40,14 +39,10 @@
#define BIO_R_NO_PORT_DEFINED 113
#define BIO_R_NO_PORT_SPECIFIED 114
#define BIO_R_NULL_PARAMETER 115
#define BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH 116
#define BIO_R_SOCKS_REJECTED_CONNECTION 117
#define BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER 118
#define BIO_R_SOCKS_UNKNOWN_ERROR 119
#define BIO_R_TAG_MISMATCH 120
#define BIO_R_UNABLE_TO_BIND_SOCKET 121
#define BIO_R_UNABLE_TO_CREATE_SOCKET 122
#define BIO_R_UNABLE_TO_LISTEN_SOCKET 123
#define BIO_R_UNINITALISED 124
#define BIO_R_UNSUPPORTED_METHOD 125
#define BIO_R_WSASTARTUP 126
#define BIO_R_TAG_MISMATCH 116
#define BIO_R_UNABLE_TO_BIND_SOCKET 117
#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
#define BIO_R_UNINITALISED 120
#define BIO_R_UNSUPPORTED_METHOD 121
#define BIO_R_WSASTARTUP 122

22
crypto/bio/bio.h
View File

@ -683,8 +683,8 @@ int BIO_printf();
#define BIO_F_CONN_STATE 115
#define BIO_F_FILE_CTRL 116
#define BIO_F_MEM_WRITE 117
#define BIO_F_SSL_NEW 119
#define BIO_F_WSASTARTUP 120
#define BIO_F_SSL_NEW 118
#define BIO_F_WSASTARTUP 119
/* Reason codes. */
#define BIO_R_ACCEPT_ERROR 100
@ -703,17 +703,13 @@ int BIO_printf();
#define BIO_R_NO_PORT_DEFINED 113
#define BIO_R_NO_PORT_SPECIFIED 114
#define BIO_R_NULL_PARAMETER 115
#define BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH 116
#define BIO_R_SOCKS_REJECTED_CONNECTION 117
#define BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER 118
#define BIO_R_SOCKS_UNKNOWN_ERROR 119
#define BIO_R_TAG_MISMATCH 120
#define BIO_R_UNABLE_TO_BIND_SOCKET 121
#define BIO_R_UNABLE_TO_CREATE_SOCKET 122
#define BIO_R_UNABLE_TO_LISTEN_SOCKET 123
#define BIO_R_UNINITALISED 124
#define BIO_R_UNSUPPORTED_METHOD 125
#define BIO_R_WSASTARTUP 126
#define BIO_R_TAG_MISMATCH 116
#define BIO_R_UNABLE_TO_BIND_SOCKET 117
#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
#define BIO_R_UNINITALISED 120
#define BIO_R_UNSUPPORTED_METHOD 121
#define BIO_R_WSASTARTUP 122
#ifdef __cplusplus
}

5
crypto/bio/bio_err.c
View File

@ -81,7 +81,6 @@ static ERR_STRING_DATA BIO_str_functs[]=
{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
{ERR_PACK(0,BIO_F_SOCKS4A_STATE,0), "SOCKS4A_STATE"},
{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_NEW"},
{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"},
{0,NULL},
@ -105,10 +104,6 @@ static ERR_STRING_DATA BIO_str_reasons[]=
{BIO_R_NO_PORT_DEFINED ,"no port defined"},
{BIO_R_NO_PORT_SPECIFIED ,"no port specified"},
{BIO_R_NULL_PARAMETER ,"null parameter"},
{BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH ,"socks id and ident did not match"},
{BIO_R_SOCKS_REJECTED_CONNECTION ,"socks rejected connection"},
{BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER,"socks unable to talk to ident server"},
{BIO_R_SOCKS_UNKNOWN_ERROR ,"socks unknown error"},
{BIO_R_TAG_MISMATCH ,"tag mismatch"},
{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"},
{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"},

1
crypto/bn/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

12
crypto/bn/asm/......add.c
View File

@ -1,12 +0,0 @@
#include <stdio.h>
{
unsigned long a[10],b[10],c[10];
a[0]=0xFFFFFFFF;
a[1]=0xFFFFFFFF;
b[0]=0xFFFFFFFF;
b[1]=0xFFFFFFFF;
c[2]=bn_add_words(c,a,b,2);
printf("%08X %08X %08X\n",c[2],c[1],c[0]);
}

BIN
crypto/bn/asm/a.out
View File

Binary file not shown.

26
crypto/bn/bn.err
View File

@ -5,18 +5,20 @@
#define BN_F_BN_BLINDING_INVERT 101
#define BN_F_BN_BLINDING_NEW 102
#define BN_F_BN_BLINDING_UPDATE 103
#define BN_F_BN_BN2DEC 104
#define BN_F_BN_BN2HEX 105
#define BN_F_BN_CTX_NEW 106
#define BN_F_BN_DIV 107
#define BN_F_BN_EXPAND2 108
#define BN_F_BN_MOD_EXP_MONT 109
#define BN_F_BN_MOD_INVERSE 110
#define BN_F_BN_MOD_MUL_RECIPROCAL 111
#define BN_F_BN_MPI2BN 112
#define BN_F_BN_NEW 113
#define BN_F_BN_RAND 114
#define BN_F_BN_USUB 115
#define BN_F_BN_BL_CTX_INIT 104
#define BN_F_BN_BL_CTX_NEW 105
#define BN_F_BN_BN2DEC 106
#define BN_F_BN_BN2HEX 107
#define BN_F_BN_CTX_NEW 108
#define BN_F_BN_DIV 109
#define BN_F_BN_EXPAND2 110
#define BN_F_BN_MOD_EXP_MONT 111
#define BN_F_BN_MOD_INVERSE 112
#define BN_F_BN_MOD_MUL_RECIPROCAL 113
#define BN_F_BN_MPI2BN 114
#define BN_F_BN_NEW 115
#define BN_F_BN_RAND 116
#define BN_F_BN_USUB 117
/* Reason codes. */
#define BN_R_ARG2_LT_ARG3 100

28
crypto/bn/bn.h
View File

@ -79,7 +79,7 @@ extern "C" {
#define BN_MUL_COMBA
#define BN_SQR_COMBA
#undef BN_RECURSION
#define BN_RECURSION
#define RECP_MUL_MOD
#define MONT_MUL_MOD
@ -566,18 +566,20 @@ int BN_div_recp();
#define BN_F_BN_BLINDING_INVERT 101
#define BN_F_BN_BLINDING_NEW 102
#define BN_F_BN_BLINDING_UPDATE 103
#define BN_F_BN_BN2DEC 104
#define BN_F_BN_BN2HEX 105
#define BN_F_BN_CTX_NEW 106
#define BN_F_BN_DIV 107
#define BN_F_BN_EXPAND2 108
#define BN_F_BN_MOD_EXP_MONT 109
#define BN_F_BN_MOD_INVERSE 110
#define BN_F_BN_MOD_MUL_RECIPROCAL 111
#define BN_F_BN_MPI2BN 112
#define BN_F_BN_NEW 113
#define BN_F_BN_RAND 114
#define BN_F_BN_USUB 115
#define BN_F_BN_BL_CTX_INIT 104
#define BN_F_BN_BL_CTX_NEW 105
#define BN_F_BN_BN2DEC 106
#define BN_F_BN_BN2HEX 107
#define BN_F_BN_CTX_NEW 108
#define BN_F_BN_DIV 109
#define BN_F_BN_EXPAND2 110
#define BN_F_BN_MOD_EXP_MONT 111
#define BN_F_BN_MOD_INVERSE 112
#define BN_F_BN_MOD_MUL_RECIPROCAL 113
#define BN_F_BN_MPI2BN 114
#define BN_F_BN_NEW 115
#define BN_F_BN_RAND 116
#define BN_F_BN_USUB 117
/* Reason codes. */
#define BN_R_ARG2_LT_ARG3 100

26
crypto/bn/bn.org
View File

@ -566,18 +566,20 @@ int BN_div_recp();
#define BN_F_BN_BLINDING_INVERT 101
#define BN_F_BN_BLINDING_NEW 102
#define BN_F_BN_BLINDING_UPDATE 103
#define BN_F_BN_BN2DEC 104
#define BN_F_BN_BN2HEX 105
#define BN_F_BN_CTX_NEW 106
#define BN_F_BN_DIV 107
#define BN_F_BN_EXPAND2 108
#define BN_F_BN_MOD_EXP_MONT 109
#define BN_F_BN_MOD_INVERSE 110
#define BN_F_BN_MOD_MUL_RECIPROCAL 111
#define BN_F_BN_MPI2BN 112
#define BN_F_BN_NEW 113
#define BN_F_BN_RAND 114
#define BN_F_BN_USUB 115
#define BN_F_BN_BL_CTX_INIT 104
#define BN_F_BN_BL_CTX_NEW 105
#define BN_F_BN_BN2DEC 106
#define BN_F_BN_BN2HEX 107
#define BN_F_BN_CTX_NEW 108
#define BN_F_BN_DIV 109
#define BN_F_BN_EXPAND2 110
#define BN_F_BN_MOD_EXP_MONT 111
#define BN_F_BN_MOD_INVERSE 112
#define BN_F_BN_MOD_MUL_RECIPROCAL 113
#define BN_F_BN_MPI2BN 114
#define BN_F_BN_NEW 115
#define BN_F_BN_RAND 116
#define BN_F_BN_USUB 117
/* Reason codes. */
#define BN_R_ARG2_LT_ARG3 100

2
crypto/bn/bn_err.c
View File

@ -67,6 +67,8 @@ static ERR_STRING_DATA BN_str_functs[]=
{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"},
{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"},
{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"},
{ERR_PACK(0,BN_F_BN_BL_CTX_INIT,0), "BN_BL_CTX_INIT"},
{ERR_PACK(0,BN_F_BN_BL_CTX_NEW,0), "BN_BL_CTX_NEW"},
{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"},
{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"},
{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},

2
crypto/bn/bn_lib.c
View File

@ -60,7 +60,7 @@
#include "cryptlib.h"
#include "bn_lcl.h"
char *BN_version="Big Number part of SSLeay 0.9.1a 06-Jul-1998";
char *BN_version="Big Number part of SSLeay 0.9.1c 22-Dec-1998";
/* For a 32 bit machine
* 2 - 4 == 128

2
crypto/bn/bn_mont.c
View File

@ -235,7 +235,7 @@ printf("number BN_from_montgomery\n");
/* hmm... if a is between i and 2*i, things are bad */
if (a->top > i)
{
j=bn_add_words(ret->d,ret->d,&(a->d[i]),i);
j=(int)(bn_add_words(ret->d,ret->d,&(a->d[i]),i));
if (j) /* overflow */
bn_sub_words(ret->d,ret->d,mont->N.d,i);
}

34
crypto/bn/bn_mul.c
View File

@ -176,16 +176,16 @@ printf(" bn_mul_recursive %d * %d\n",n2,n2);
* r[32] holds (b[1]*b[1])
*/
c1=bn_add_words(t,r,&(r[n2]),n2);
c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
if (neg) /* if t[32] is negative */
{
c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
}
else
{
/* Might have a carry */
c1+=bn_add_words(&(t[n2]),&(t[n2]),t,n2);
c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
}
/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
@ -193,7 +193,7 @@ printf(" bn_mul_recursive %d * %d\n",n2,n2);
* r[32] holds (b[1]*b[1])
* c1 holds the carry bits
*/
c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
if (c1)
{
p= &(r[n+n2]);
@ -311,15 +311,15 @@ printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
* r[32] holds (b[1]*b[1])
*/
c1=bn_add_words(t,r,&(r[n2]),n2);
c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
* r[10] holds (a[0]*b[0])
* r[32] holds (b[1]*b[1])
* c1 holds the carry bits
*/
c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
if (c1)
{
p= &(r[n+n2]);
@ -454,7 +454,7 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
if (l != NULL)
{
lp= &(t[n2+n]);
c1=bn_add_words(lp,&(r[0]),&(l[0]),n);
c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
}
else
{
@ -463,7 +463,7 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
}
if (neg)
neg=bn_sub_words(&(t[n2]),lp,&(t[0]),n);
neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
else
{
bn_add_words(&(t[n2]),lp,&(t[0]),n);
@ -498,25 +498,25 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
if (l != NULL)
{
lp= &(t[n2]);
c1= bn_add_words(lp,&(t[n2+n]),&(l[0]),n);
c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
}
else
{
lp= &(t[n2+n]);
c1=0;
}
c1+=bn_add_words(&(t[n2]),lp, &(r[0]),n);
c1+=(int)(bn_add_words(&(t[n2]),lp, &(r[0]),n));
if (oneg)
c1-=bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n);
c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
else
c1+=bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n);
c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
c2 =bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n);
c2+=bn_add_words(&(r[0]),&(r[0]),&(r[n]),n);
c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
if (oneg)
c2-=bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n);
c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
else
c2+=bn_add_words(&(r[0]),&(r[0]),&(t[n]),n);
c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
{

6
crypto/bn/bn_sqr.c
View File

@ -241,17 +241,17 @@ printf(" bn_sqr_recursive %d * %d\n",n2,n2);
* r[32] holds (b[1]*b[1])
*/
c1=bn_add_words(t,r,&(r[n2]),n2);
c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
/* t[32] is negative */
c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
* r[10] holds (a[0]*a[0])
* r[32] holds (a[1]*a[1])
* c1 holds the carry bits
*/
c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
if (c1)
{
p= &(r[n+n2]);

1
crypto/buffer/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

1
crypto/buffer/buf_err.c
View File

@ -66,7 +66,6 @@ static ERR_STRING_DATA BUF_str_functs[]=
{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"},
{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"},
{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"},
{ERR_PACK(0,BUF_F_PXYCLNT_READ,0), "PXYCLNT_READ"},
{0,NULL},
};

1
crypto/buffer/buffer.err
View File

@ -4,6 +4,5 @@
#define BUF_F_BUF_MEM_GROW 100
#define BUF_F_BUF_MEM_NEW 101
#define BUF_F_BUF_STRDUP 102
#define BUF_F_PXYCLNT_READ 103
/* Reason codes. */

1
crypto/buffer/buffer.h
View File

@ -96,7 +96,6 @@ void ERR_load_BUF_strings();
#define BUF_F_BUF_MEM_GROW 100
#define BUF_F_BUF_MEM_NEW 101
#define BUF_F_BUF_STRDUP 102
#define BUF_F_PXYCLNT_READ 103
/* Reason codes. */

1
crypto/cast/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/cast/c_ecb.c
View File

@ -59,7 +59,7 @@
#include "cast.h"
#include "cast_lcl.h"
char *CAST_version="CAST part of SSLeay 0.9.1a 06-Jul-1998";
char *CAST_version="CAST part of SSLeay 0.9.1c 22-Dec-1998";
void CAST_ecb_encrypt(in, out, ks, encrypt)
unsigned char *in;

1
crypto/comp/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

1
crypto/conf/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/conf/conf.c
View File

@ -95,7 +95,7 @@ static CONF_VALUE *get_section();
#define scan_esc(p) ((((p)[1] == '\0')?(p++):(p+=2)),p)
char *CONF_version="CONF part of SSLeay 0.9.1a 06-Jul-1998";
char *CONF_version="CONF part of SSLeay 0.9.1c 22-Dec-1998";
LHASH *CONF_load(h,file,line)
LHASH *h;

2
crypto/cryptlib.h
View File

@ -88,7 +88,7 @@ extern "C" {
#define X509_CERT_AREA "/usr/local/ssl"
#define X509_CERT_DIR "/usr/local/ssl/certs"
#define X509_CERT_FILE "/usr/local/ssl/cert.pem"
#define X509_PRIVATE_DIR "/usr/local/ssl/private"
#define X509_PRIVATE_DIR "/usr/local/ssl/private"
#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
#define X509_CERT_FILE_EVP "SSL_CERT_FILE"

2
crypto/crypto.h
View File

@ -67,7 +67,7 @@ extern "C" {
/* This is more to be used to check the correct DLL is being used
* in the MS world. */
#define SSLEAY_VERSION_NUMBER 0x0911 /* Version 0.5.1c would be 0513 */
#define SSLEAY_VERSION_NUMBER 0x0913 /* Version 0.5.1c would be 0513 */
#define SSLEAY_VERSION 0
/* #define SSLEAY_OPTIONS 1 no longer supported */

2
crypto/cversion.c
View File

@ -66,7 +66,7 @@ char *SSLeay_version(t)
int t;
{
if (t == SSLEAY_VERSION)
return("SSLeay 0.9.1a 06-Jul-1998");
return("SSLeay 0.9.1c 22-Dec-1998");
if (t == SSLEAY_BUILT_ON)
{
#ifdef DATE

2
crypto/date.h
View File

@ -1 +1 @@
#define DATE "Wed Jul 22 12:21:22 EST 1998"
#define DATE "Tue Dec 22 15:40:03 CET 1998"

1
crypto/des/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/des/ecb_enc.c
View File

@ -60,7 +60,7 @@
#include "spr.h"
char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
char *DES_version="DES part of SSLeay 0.9.1a 06-Jul-1998";
char *DES_version="DES part of SSLeay 0.9.1c 22-Dec-1998";
char *des_options()
{

1
crypto/dh/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/dh/dh_lib.c
View File

@ -61,7 +61,7 @@
#include "bn.h"
#include "dh.h"
char *DH_version="Diffie-Hellman part of SSLeay 0.9.1a 06-Jul-1998";
char *DH_version="Diffie-Hellman part of SSLeay 0.9.1c 22-Dec-1998";
DH *DH_new()
{

1
crypto/dsa/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

4
crypto/dsa/dsa_lib.c
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
#include <stdio.h>
#include "cryptlib.h"
@ -64,7 +64,7 @@
#include "dsa.h"
#include "asn1.h"
char *DSA_version="\0DSA part of SSLeay 0.9.1a 06-Jul-1998";
char *DSA_version="DSA part of SSLeay 0.9.1c 22-Dec-1998";
DSA *DSA_new()
{

6
crypto/dsa/f
View File

@ -1,6 +0,0 @@
if ((dsa->method_mod_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
{
if ((dsa->method_mod_p=(char *)BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mod_p,
dsa->p,ctx)) goto err;
}

1
crypto/err/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

1
crypto/evp/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/evp/evp_enc.c
View File

@ -60,7 +60,7 @@
#include "cryptlib.h"
#include "evp.h"
char *EVP_version="EVP part of SSLeay 0.9.1a 06-Jul-1998";
char *EVP_version="EVP part of SSLeay 0.9.1c 22-Dec-1998";
void EVP_CIPHER_CTX_init(ctx)
EVP_CIPHER_CTX *ctx;

1
crypto/hmac/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

1
crypto/idea/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/idea/i_ecb.c
View File

@ -59,7 +59,7 @@
#include "idea.h"
#include "idea_lcl.h"
char *IDEA_version="IDEA part of SSLeay 0.9.1a 06-Jul-1998";
char *IDEA_version="IDEA part of SSLeay 0.9.1c 22-Dec-1998";
char *idea_options()
{

1
crypto/lhash/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/lhash/lhash.c
View File

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
char *lh_version="lhash part of SSLeay 0.9.1a 06-Jul-1998";
char *lh_version="lhash part of SSLeay 0.9.1c 22-Dec-1998";
/* Code for dynamic hash table routines
* Author - Eric Young v 2.0

1
crypto/md/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

1
crypto/md2/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/md2/md2_dgst.c
View File

@ -61,7 +61,7 @@
#include <string.h>
#include "md2.h"
char *MD2_version="MD2 part of SSLeay 0.9.1a 06-Jul-1998";
char *MD2_version="MD2 part of SSLeay 0.9.1c 22-Dec-1998";
/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
*/

1
crypto/md5/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

731
crypto/md5/f
View File

@ -1,731 +0,0 @@
# 1 "asm/mx86unix.cpp"
.file "md5-586.s"
.version "01.01"
gcc2_compiled.:
.text
.align 4
.globl _md5_block_x86
_md5_block_x86 :
pushl %esi
pushl %edi
movl 12(%esp), %edi
movl 16(%esp), %esi
movl 20(%esp), %ecx
pushl %ebp
pushl %ebx
addl %esi, %ecx
subl $64, %ecx
movl (%edi), %eax
pushl %ecx
movl 4(%edi), %ebx
movl 8(%edi), %ecx
movl 12(%edi), %edx
.L000start:
movl %ecx, %edi
movl (%esi), %ebp
xorl %edx, %edi
andl %ebx, %edi
leal 3614090360(%eax,%ebp,1),%eax
movl 4(%esi), %ebp
xorl %edx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $7, %eax
addl %ebx, %eax
xorl %ecx, %edi
andl %eax, %edi
leal 3905402710(%edx,%ebp,1),%edx
movl 8(%esi), %ebp
xorl %ecx, %edi
addl %edi, %edx
movl %eax, %edi
roll $12, %edx
addl %eax, %edx
xorl %ebx, %edi
andl %edx, %edi
leal 606105819(%ecx,%ebp,1),%ecx
movl 12(%esi), %ebp
xorl %ebx, %edi
addl %edi, %ecx
movl %edx, %edi
roll $17, %ecx
addl %edx, %ecx
xorl %eax, %edi
andl %ecx, %edi
leal 3250441966(%ebx,%ebp,1),%ebx
movl 16(%esi), %ebp
xorl %eax, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $22, %ebx
addl %ecx, %ebx
xorl %edx, %edi
andl %ebx, %edi
leal 4118548399(%eax,%ebp,1),%eax
movl 20(%esi), %ebp
xorl %edx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $7, %eax
addl %ebx, %eax
xorl %ecx, %edi
andl %eax, %edi
leal 1200080426(%edx,%ebp,1),%edx
movl 24(%esi), %ebp
xorl %ecx, %edi
addl %edi, %edx
movl %eax, %edi
roll $12, %edx
addl %eax, %edx
xorl %ebx, %edi
andl %edx, %edi
leal 2821735955(%ecx,%ebp,1),%ecx
movl 28(%esi), %ebp
xorl %ebx, %edi
addl %edi, %ecx
movl %edx, %edi
roll $17, %ecx
addl %edx, %ecx
xorl %eax, %edi
andl %ecx, %edi
leal 4249261313(%ebx,%ebp,1),%ebx
movl 32(%esi), %ebp
xorl %eax, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $22, %ebx
addl %ecx, %ebx
xorl %edx, %edi
andl %ebx, %edi
leal 1770035416(%eax,%ebp,1),%eax
movl 36(%esi), %ebp
xorl %edx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $7, %eax
addl %ebx, %eax
xorl %ecx, %edi
andl %eax, %edi
leal 2336552879(%edx,%ebp,1),%edx
movl 40(%esi), %ebp
xorl %ecx, %edi
addl %edi, %edx
movl %eax, %edi
roll $12, %edx
addl %eax, %edx
xorl %ebx, %edi
andl %edx, %edi
leal 4294925233(%ecx,%ebp,1),%ecx
movl 44(%esi), %ebp
xorl %ebx, %edi
addl %edi, %ecx
movl %edx, %edi
roll $17, %ecx
addl %edx, %ecx
xorl %eax, %edi
andl %ecx, %edi
leal 2304563134(%ebx,%ebp,1),%ebx
movl 48(%esi), %ebp
xorl %eax, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $22, %ebx
addl %ecx, %ebx
xorl %edx, %edi
andl %ebx, %edi
leal 1804603682(%eax,%ebp,1),%eax
movl 52(%esi), %ebp
xorl %edx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $7, %eax
addl %ebx, %eax
xorl %ecx, %edi
andl %eax, %edi
leal 4254626195(%edx,%ebp,1),%edx
movl 56(%esi), %ebp
xorl %ecx, %edi
addl %edi, %edx
movl %eax, %edi
roll $12, %edx
addl %eax, %edx
xorl %ebx, %edi
andl %edx, %edi
leal 2792965006(%ecx,%ebp,1),%ecx
movl 60(%esi), %ebp
xorl %ebx, %edi
addl %edi, %ecx
movl %edx, %edi
roll $17, %ecx
addl %edx, %ecx
xorl %eax, %edi
andl %ecx, %edi
leal 1236535329(%ebx,%ebp,1),%ebx
movl 4(%esi), %ebp
xorl %eax, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $22, %ebx
addl %ecx, %ebx
leal 4129170786(%eax,%ebp,1),%eax
xorl %ebx, %edi
andl %edx, %edi
movl 24(%esi), %ebp
xorl %ecx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $5, %eax
addl %ebx, %eax
leal 3225465664(%edx,%ebp,1),%edx
xorl %eax, %edi
andl %ecx, %edi
movl 44(%esi), %ebp
xorl %ebx, %edi
addl %edi, %edx
movl %eax, %edi
roll $9, %edx
addl %eax, %edx
leal 643717713(%ecx,%ebp,1),%ecx
xorl %edx, %edi
andl %ebx, %edi
movl (%esi), %ebp
xorl %eax, %edi
addl %edi, %ecx
movl %edx, %edi
roll $14, %ecx
addl %edx, %ecx
leal 3921069994(%ebx,%ebp,1),%ebx
xorl %ecx, %edi
andl %eax, %edi
movl 20(%esi), %ebp
xorl %edx, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $20, %ebx
addl %ecx, %ebx
leal 3593408605(%eax,%ebp,1),%eax
xorl %ebx, %edi
andl %edx, %edi
movl 40(%esi), %ebp
xorl %ecx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $5, %eax
addl %ebx, %eax
leal 38016083(%edx,%ebp,1),%edx
xorl %eax, %edi
andl %ecx, %edi
movl 60(%esi), %ebp
xorl %ebx, %edi
addl %edi, %edx
movl %eax, %edi
roll $9, %edx
addl %eax, %edx
leal 3634488961(%ecx,%ebp,1),%ecx
xorl %edx, %edi
andl %ebx, %edi
movl 16(%esi), %ebp
xorl %eax, %edi
addl %edi, %ecx
movl %edx, %edi
roll $14, %ecx
addl %edx, %ecx
leal 3889429448(%ebx,%ebp,1),%ebx
xorl %ecx, %edi
andl %eax, %edi
movl 36(%esi), %ebp
xorl %edx, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $20, %ebx
addl %ecx, %ebx
leal 568446438(%eax,%ebp,1),%eax
xorl %ebx, %edi
andl %edx, %edi
movl 56(%esi), %ebp
xorl %ecx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $5, %eax
addl %ebx, %eax
leal 3275163606(%edx,%ebp,1),%edx
xorl %eax, %edi
andl %ecx, %edi
movl 12(%esi), %ebp
xorl %ebx, %edi
addl %edi, %edx
movl %eax, %edi
roll $9, %edx
addl %eax, %edx
leal 4107603335(%ecx,%ebp,1),%ecx
xorl %edx, %edi
andl %ebx, %edi
movl 32(%esi), %ebp
xorl %eax, %edi
addl %edi, %ecx
movl %edx, %edi
roll $14, %ecx
addl %edx, %ecx
leal 1163531501(%ebx,%ebp,1),%ebx
xorl %ecx, %edi
andl %eax, %edi
movl 52(%esi), %ebp
xorl %edx, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $20, %ebx
addl %ecx, %ebx
leal 2850285829(%eax,%ebp,1),%eax
xorl %ebx, %edi
andl %edx, %edi
movl 8(%esi), %ebp
xorl %ecx, %edi
addl %edi, %eax
movl %ebx, %edi
roll $5, %eax
addl %ebx, %eax
leal 4243563512(%edx,%ebp,1),%edx
xorl %eax, %edi
andl %ecx, %edi
movl 28(%esi), %ebp
xorl %ebx, %edi
addl %edi, %edx
movl %eax, %edi
roll $9, %edx
addl %eax, %edx
leal 1735328473(%ecx,%ebp,1),%ecx
xorl %edx, %edi
andl %ebx, %edi
movl 48(%esi), %ebp
xorl %eax, %edi
addl %edi, %ecx
movl %edx, %edi
roll $14, %ecx
addl %edx, %ecx
leal 2368359562(%ebx,%ebp,1),%ebx
xorl %ecx, %edi
andl %eax, %edi
movl 20(%esi), %ebp
xorl %edx, %edi
addl %edi, %ebx
movl %ecx, %edi
roll $20, %ebx
addl %ecx, %ebx
xorl %edx, %edi
xorl %ebx, %edi
leal 4294588738(%eax,%ebp,1),%eax
addl %edi, %eax
movl 32(%esi), %ebp
roll $4, %eax
movl %ebx, %edi
leal 2272392833(%edx,%ebp,1),%edx
addl %ebx, %eax
xorl %ecx, %edi
xorl %eax, %edi
movl 44(%esi), %ebp
addl %edi, %edx
movl %eax, %edi
roll $11, %edx
addl %eax, %edx
xorl %ebx, %edi
xorl %edx, %edi
leal 1839030562(%ecx,%ebp,1),%ecx
addl %edi, %ecx
movl 56(%esi), %ebp
roll $16, %ecx
movl %edx, %edi
leal 4259657740(%ebx,%ebp,1),%ebx
addl %edx, %ecx
xorl %eax, %edi
xorl %ecx, %edi
movl 4(%esi), %ebp
addl %edi, %ebx
movl %ecx, %edi
roll $23, %ebx
addl %ecx, %ebx
xorl %edx, %edi
xorl %ebx, %edi
leal 2763975236(%eax,%ebp,1),%eax
addl %edi, %eax
movl 16(%esi), %ebp
roll $4, %eax
movl %ebx, %edi
leal 1272893353(%edx,%ebp,1),%edx
addl %ebx, %eax
xorl %ecx, %edi
xorl %eax, %edi
movl 28(%esi), %ebp
addl %edi, %edx
movl %eax, %edi
roll $11, %edx
addl %eax, %edx
xorl %ebx, %edi
xorl %edx, %edi
leal 4139469664(%ecx,%ebp,1),%ecx
addl %edi, %ecx
movl 40(%esi), %ebp
roll $16, %ecx
movl %edx, %edi
leal 3200236656(%ebx,%ebp,1),%ebx
addl %edx, %ecx
xorl %eax, %edi
xorl %ecx, %edi
movl 52(%esi), %ebp
addl %edi, %ebx
movl %ecx, %edi
roll $23, %ebx
addl %ecx, %ebx
xorl %edx, %edi
xorl %ebx, %edi
leal 681279174(%eax,%ebp,1),%eax
addl %edi, %eax
movl (%esi), %ebp
roll $4, %eax
movl %ebx, %edi
leal 3936430074(%edx,%ebp,1),%edx
addl %ebx, %eax
xorl %ecx, %edi
xorl %eax, %edi
movl 12(%esi), %ebp
addl %edi, %edx
movl %eax, %edi
roll $11, %edx
addl %eax, %edx
xorl %ebx, %edi
xorl %edx, %edi
leal 3572445317(%ecx,%ebp,1),%ecx
addl %edi, %ecx
movl 24(%esi), %ebp
roll $16, %ecx
movl %edx, %edi
leal 76029189(%ebx,%ebp,1),%ebx
addl %edx, %ecx
xorl %eax, %edi
xorl %ecx, %edi
movl 36(%esi), %ebp
addl %edi, %ebx
movl %ecx, %edi
roll $23, %ebx
addl %ecx, %ebx
xorl %edx, %edi
xorl %ebx, %edi
leal 3654602809(%eax,%ebp,1),%eax
addl %edi, %eax
movl 48(%esi), %ebp
roll $4, %eax
movl %ebx, %edi
leal 3873151461(%edx,%ebp,1),%edx
addl %ebx, %eax
xorl %ecx, %edi
xorl %eax, %edi
movl 60(%esi), %ebp
addl %edi, %edx
movl %eax, %edi
roll $11, %edx
addl %eax, %edx
xorl %ebx, %edi
xorl %edx, %edi
leal 530742520(%ecx,%ebp,1),%ecx
addl %edi, %ecx
movl 8(%esi), %ebp
roll $16, %ecx
movl %edx, %edi
leal 3299628645(%ebx,%ebp,1),%ebx
addl %edx, %ecx
xorl %eax, %edi
xorl %ecx, %edi
movl (%esi), %ebp
addl %edi, %ebx
movl $-1, %edi
roll $23, %ebx
addl %ecx, %ebx
xorl %edx, %edi
orl %ebx, %edi
leal 4096336452(%eax,%ebp,1),%eax
xorl %ecx, %edi
movl 28(%esi), %ebp
addl %edi, %eax
movl $-1, %edi
roll $6, %eax
xorl %ecx, %edi
addl %ebx, %eax
orl %eax, %edi
leal 1126891415(%edx,%ebp,1),%edx
xorl %ebx, %edi
movl 56(%esi), %ebp
addl %edi, %edx
movl $-1, %edi
roll $10, %edx
xorl %ebx, %edi
addl %eax, %edx
orl %edx, %edi
leal 2878612391(%ecx,%ebp,1),%ecx
xorl %eax, %edi
movl 20(%esi), %ebp
addl %edi, %ecx
movl $-1, %edi
roll $15, %ecx
xorl %eax, %edi
addl %edx, %ecx
orl %ecx, %edi
leal 4237533241(%ebx,%ebp,1),%ebx
xorl %edx, %edi
movl 48(%esi), %ebp
addl %edi, %ebx
movl $-1, %edi
roll $21, %ebx
xorl %edx, %edi
addl %ecx, %ebx
orl %ebx, %edi
leal 1700485571(%eax,%ebp,1),%eax
xorl %ecx, %edi
movl 12(%esi), %ebp
addl %edi, %eax
movl $-1, %edi
roll $6, %eax
xorl %ecx, %edi
addl %ebx, %eax
orl %eax, %edi
leal 2399980690(%edx,%ebp,1),%edx
xorl %ebx, %edi
movl 40(%esi), %ebp
addl %edi, %edx
movl $-1, %edi
roll $10, %edx
xorl %ebx, %edi
addl %eax, %edx
orl %edx, %edi
leal 4293915773(%ecx,%ebp,1),%ecx
xorl %eax, %edi
movl 4(%esi), %ebp
addl %edi, %ecx
movl $-1, %edi
roll $15, %ecx
xorl %eax, %edi
addl %edx, %ecx
orl %ecx, %edi
leal 2240044497(%ebx,%ebp,1),%ebx
xorl %edx, %edi
movl 32(%esi), %ebp
addl %edi, %ebx
movl $-1, %edi
roll $21, %ebx
xorl %edx, %edi
addl %ecx, %ebx
orl %ebx, %edi
leal 1873313359(%eax,%ebp,1),%eax
xorl %ecx, %edi
movl 60(%esi), %ebp
addl %edi, %eax
movl $-1, %edi
roll $6, %eax
xorl %ecx, %edi
addl %ebx, %eax
orl %eax, %edi
leal 4264355552(%edx,%ebp,1),%edx
xorl %ebx, %edi
movl 24(%esi), %ebp
addl %edi, %edx
movl $-1, %edi
roll $10, %edx
xorl %ebx, %edi
addl %eax, %edx
orl %edx, %edi
leal 2734768916(%ecx,%ebp,1),%ecx
xorl %eax, %edi
movl 52(%esi), %ebp
addl %edi, %ecx
movl $-1, %edi
roll $15, %ecx
xorl %eax, %edi
addl %edx, %ecx
orl %ecx, %edi
leal 1309151649(%ebx,%ebp,1),%ebx
xorl %edx, %edi
movl 16(%esi), %ebp
addl %edi, %ebx
movl $-1, %edi
roll $21, %ebx
xorl %edx, %edi
addl %ecx, %ebx
orl %ebx, %edi
leal 4149444226(%eax,%ebp,1),%eax
xorl %ecx, %edi
movl 44(%esi), %ebp
addl %edi, %eax
movl $-1, %edi
roll $6, %eax
xorl %ecx, %edi
addl %ebx, %eax
orl %eax, %edi
leal 3174756917(%edx,%ebp,1),%edx
xorl %ebx, %edi
movl 8(%esi), %ebp
addl %edi, %edx
movl $-1, %edi
roll $10, %edx
xorl %ebx, %edi
addl %eax, %edx
orl %edx, %edi
leal 718787259(%ecx,%ebp,1),%ecx
xorl %eax, %edi
movl 36(%esi), %ebp
addl %edi, %ecx
movl $-1, %edi
roll $15, %ecx
xorl %eax, %edi
addl %edx, %ecx
orl %ecx, %edi
leal 3951481745(%ebx,%ebp,1),%ebx
xorl %edx, %edi
movl 24(%esp), %ebp
addl %edi, %ebx
addl $64, %esi
roll $21, %ebx
movl (%ebp), %edi
addl %ecx, %ebx
addl %edi, %eax
movl 4(%ebp), %edi
addl %edi, %ebx
movl 8(%ebp), %edi
addl %edi, %ecx
movl 12(%ebp), %edi
addl %edi, %edx
movl %eax, (%ebp)
movl %ebx, 4(%ebp)
movl (%esp), %edi
movl %ecx, 8(%ebp)
movl %edx, 12(%ebp)
cmpl %esi, %edi
jge .L000start
popl %eax
popl %ebx
popl %ebp
popl %edi
popl %esi
ret
.md5_block_x86_end:
.ident "desasm.pl"

2
crypto/md5/md5_dgst.c
View File

@ -59,7 +59,7 @@
#include <stdio.h>
#include "md5_locl.h"
char *MD5_version="MD5 part of SSLeay 0.9.1a 06-Jul-1998";
char *MD5_version="MD5 part of SSLeay 0.9.1c 22-Dec-1998";
/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
*/

1
crypto/mdc2/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

1
crypto/objects/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/pem/.cvsignore Normal file
View File

@ -0,0 +1,2 @@
lib
ctx_size

BIN
crypto/pem/gmon.out
View File

Binary file not shown.

2
crypto/pem/pem_lib.c
View File

@ -68,7 +68,7 @@
#include "des.h"
#endif
char *PEM_version="PEM part of SSLeay 0.9.1a 06-Jul-1998";
char *PEM_version="PEM part of SSLeay 0.9.1c 22-Dec-1998";
#define MIN_LENGTH 4

19
crypto/perlasm/f
View File

@ -1,19 +0,0 @@
sub out3
{
local($name,$p1,$p2,$p3)=@_;
push(@out,"\t$name\t");
$l=length($p1)+1;
push(@out,$p1.",");
$ll=4-($l+9)/8;
$tmp1=sprintf("\t" x $ll);
push(@out,$tmp1);
$l=length($p2)+1;
push(@out,$p2.",");
$ll=4-($l+9)/8;
$tmp1=sprintf("\t" x $ll);
push(@out,$tmp1);
push(@out,&conv($p3)."\n");
}

5
crypto/pkcs7/build
View File

@ -1,5 +0,0 @@
#!/bin/sh -x
make
gcc -I../../include -g -o enc enc.c ../../libcrypto.a
gcc -I../../include -g -o dec dec.c ../../libcrypto.a

1
crypto/pkcs7/pk7_doit.c
View File

@ -909,7 +909,6 @@ int atrtype;
char *value;
{
X509_ATTRIBUTE *attr=NULL;
ASN1_TYPE *val=NULL;
if (*sk == NULL)
{

2
crypto/pkcs7/pkcs7err.c
View File

@ -69,7 +69,7 @@ static ERR_STRING_DATA PKCS7_str_functs[]=
{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"},
{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"},
{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"},
{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_dataSign"},
{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_DATASIGN"},
{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"},
{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"},
{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"},

1
crypto/rand/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

6
crypto/rand/md_rand.c
View File

@ -126,13 +126,13 @@ static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
static unsigned char md[MD_DIGEST_LENGTH];
static long md_count[2]={0,0};
char *RAND_version="RAND part of SSLeay 0.9.1a 06-Jul-1998";
char *RAND_version="RAND part of SSLeay 0.9.1c 22-Dec-1998";
static void ssleay_rand_cleanup(void);
static void ssleay_rand_seed(unsigned char *buf, int num);
static void ssleay_rand_bytes(unsigned char *buf, int num);
RAND_METHOD rand_ssleay={
RAND_METHOD rand_ssleay_meth={
ssleay_rand_seed,
ssleay_rand_bytes,
ssleay_rand_cleanup,
@ -140,7 +140,7 @@ RAND_METHOD rand_ssleay={
RAND_METHOD *RAND_SSLeay()
{
return(&rand_ssleay);
return(&rand_ssleay_meth);
}
static void ssleay_rand_cleanup()

4
crypto/rand/rand_lib.c
View File

@ -65,8 +65,8 @@
#ifdef NO_RAND
static RAND_METHOD *rand_meth=NULL;
#else
extern RAND_METHOD rand_ssleay;
static RAND_METHOD *rand_meth= &rand_ssleay;
extern RAND_METHOD rand_ssleay_meth;
static RAND_METHOD *rand_meth= &rand_ssleay_meth;
#endif
void RAND_set_rand_method(meth)

1
crypto/rc2/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/rc2/rc2_ecb.c
View File

@ -59,7 +59,7 @@
#include "rc2.h"
#include "rc2_locl.h"
char *RC2_version="RC2 part of SSLeay 0.9.1a 06-Jul-1998";
char *RC2_version="RC2 part of SSLeay 0.9.1c 22-Dec-1998";
/* RC2 as implemented frm a posting from
* Newsgroups: sci.crypt

1
crypto/rc4/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/rc4/rc4_skey.c
View File

@ -59,7 +59,7 @@
#include "rc4.h"
#include "rc4_locl.h"
char *RC4_version="RC4 part of SSLeay 0.9.1a 06-Jul-1998";
char *RC4_version="RC4 part of SSLeay 0.9.1c 22-Dec-1998";
char *RC4_options()
{

1
crypto/rc5/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/rc5/rc5_ecb.c
View File

@ -59,7 +59,7 @@
#include "rc5.h"
#include "rc5_locl.h"
char *RC5_version="RC5 part of SSLeay 0.9.1a 06-Jul-1998";
char *RC5_version="RC5 part of SSLeay 0.9.1c 22-Dec-1998";
void RC5_32_ecb_encrypt(in, out, ks, encrypt)
unsigned char *in;

1
crypto/ripemd/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2
crypto/ripemd/rmd_dgst.c
View File

@ -59,7 +59,7 @@
#include <stdio.h>
#include "rmd_locl.h"
char *RMD160_version="RIPEMD160 part of SSLeay 0.9.1a 06-Jul-1998";
char *RMD160_version="RIPE-MD160 part of SSLeay 0.9.1c 22-Dec-1998";
#ifndef NOPROTO
# ifdef RMD160_ASM

1
crypto/rsa/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

6
crypto/rsa/f
View File

@ -1,6 +0,0 @@
if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
{
if ((rsa->method_mod_n=(char *)BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set((BN_MONT_CTX *)rsa->method_mod_n,
rsa->n,ctx)) goto err;
}

2
crypto/rsa/rsa_lib.c
View File

@ -63,7 +63,7 @@
#include "bn.h"
#include "rsa.h"
char *RSA_version="RSA part of SSLeay 0.9.1a 06-Jul-1998";
char *RSA_version="RSA part of SSLeay 0.9.1c 22-Dec-1998";
static RSA_METHOD *default_RSA_meth=NULL;
static int rsa_meth_num=0;

1
crypto/sha/.cvsignore Normal file
View File

@ -0,0 +1 @@
lib

2089
crypto/sha/asm/f
View File

File diff suppressed because it is too large Load Diff

2
crypto/sha/sha1dgst.c
View File

@ -63,7 +63,7 @@
#include "sha.h"
#include "sha_locl.h"
char *SHA1_version="SHA1 part of SSLeay 0.9.1a 06-Jul-1998";
char *SHA1_version="SHA1 part of SSLeay 0.9.1c 22-Dec-1998";
/* Implemented from SHA-1 document - The Secure Hash Algorithm
*/

Some files were not shown because too many files have changed in this diff Show More