Merge in the latest chanegs from 0.9.6-stable.
This commit is contained in:
parent
951d8e0d6b
commit
8b98de6653
5
CHANGES
5
CHANGES
@ -4,6 +4,11 @@
|
||||
|
||||
Changes between 0.9.6d and 0.9.6e [XX xxx XXXX]
|
||||
|
||||
*) Fix cipher selection routines: ciphers without encryption had no flags
|
||||
for the cipher strength set and where therefore not handled correctly
|
||||
by the selection routines (PR #130).
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix EVP_dsa_sha macro.
|
||||
[Nils Larsch]
|
||||
|
||||
|
@ -154,7 +154,7 @@ my %table=(
|
||||
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
|
||||
# but keep the assembler modules.
|
||||
"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
43
FAQ
43
FAQ
@ -38,6 +38,7 @@ OpenSSL - Frequently Asked Questions
|
||||
* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
|
||||
* Why does the OpenSSL compilation fail with "ar: command not found"?
|
||||
* Why does the OpenSSL compilation fail on Win32 with VC++?
|
||||
* What is special about OpenSSL on Redhat?
|
||||
|
||||
[PROG] Questions about programming with OpenSSL
|
||||
|
||||
@ -215,8 +216,11 @@ For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested
|
||||
installing the SUNski package from Sun patch 105710-01 (Sparc) which
|
||||
adds a /dev/random device and make sure it gets used, usually through
|
||||
$RANDFILE. There are probably similar patches for the other Solaris
|
||||
versions. However, be warned that /dev/random is usually a blocking
|
||||
device, which may have some effects on OpenSSL.
|
||||
versions. An official statement from Sun with respect to /dev/random
|
||||
support can be found at
|
||||
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
|
||||
However, be warned that /dev/random is usually a blocking device, which
|
||||
may have some effects on OpenSSL.
|
||||
|
||||
|
||||
* Why do I get an "unable to write 'random state'" error message?
|
||||
@ -451,6 +455,41 @@ under 'Program Files'). This needs to be done prior to running NMAKE,
|
||||
and the changes are only valid for the current DOS session.
|
||||
|
||||
|
||||
* What is special about OpenSSL on Redhat?
|
||||
|
||||
Red Hat Linux 7.0 and following versions already have a limited version of
|
||||
openssl already installed. This may well apply to other Linux distributions
|
||||
also. This version does not have support for the IDEA, RC5 and MDC-2
|
||||
algorithms as these are patented within the United States. For information
|
||||
these patent numbers and expiry dates are:
|
||||
|
||||
MDC-2: 4,908,861 13/03/2007
|
||||
IDEA: 5,214,703 25/05/2010
|
||||
RC5: 5,724,428 03/03/2015
|
||||
|
||||
However, Europeans and other non-Americans may wish to install all the
|
||||
features.
|
||||
|
||||
To do this you MUST ensure that you do not overwrite the openssl that is in
|
||||
/usr/bin on your Red Hat machine. Several packages depend on this file,
|
||||
including sendmail and ssh. /usr/local/bin is a good alternative choice. The
|
||||
libraries that come with Red Hat 7.0 onwards have different names and so are
|
||||
not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
|
||||
/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
|
||||
/lib/libcrypto.so.2 respectively).
|
||||
|
||||
Please note that we have been advised by Red Hat attempting to recompile the
|
||||
openssl rpm with all the cryptography enabled will not work. All other
|
||||
packages depend on the original Red Hat supplied openssl package. It is also
|
||||
worth noting that due to the way Red Hat supplies its packages, updates to
|
||||
openssl on each distribution never change the package version, only the
|
||||
build number. For example, on Red Hat 7.1, the latest openssl package has
|
||||
version number 0.9.6 and build number 9 even though it contains all the
|
||||
relevant updates in packages up to and including 0.9.6b.
|
||||
|
||||
A possible way around this is to persuade Red Hat to produce a non-US
|
||||
version of Red Hat Linux.
|
||||
|
||||
[PROG] ========================================================================
|
||||
|
||||
* Is OpenSSL thread-safe?
|
||||
|
10
INSTALL
10
INSTALL
@ -131,8 +131,11 @@
|
||||
the failure that aren't problems in OpenSSL itself (like missing
|
||||
standard headers). If it is a problem with OpenSSL itself, please
|
||||
report the problem to <openssl-bugs@openssl.org> (note that your
|
||||
message will be forwarded to a public mailing list). Include the
|
||||
output of "make report" in your message.
|
||||
message will be recorded in the request tracker publicly readable
|
||||
via http://www.openssl.org/rt2.html and will be forwarded to a public
|
||||
mailing list). Include the output of "make report" in your message.
|
||||
Please check out the request tracker. Maybe the bug was already
|
||||
reported or has already been fixed.
|
||||
|
||||
[If you encounter assembler error messages, try the "no-asm"
|
||||
configuration option as an immediate fix.]
|
||||
@ -150,7 +153,8 @@
|
||||
try removing any compiler optimization flags from the CFLAGS line
|
||||
in Makefile.ssl and run "make clean; make". Please send a bug
|
||||
report to <openssl-bugs@openssl.org>, including the output of
|
||||
"make report".
|
||||
"make report" in order to be added to the request tracker at
|
||||
http://www.openssl.org/rt2.html.
|
||||
|
||||
4. If everything tests ok, install OpenSSL with
|
||||
|
||||
|
12
INSTALL.W32
12
INSTALL.W32
@ -94,6 +94,18 @@
|
||||
You can also build a static version of the library using the Makefile
|
||||
ms\nt.mak
|
||||
|
||||
Borland C++ builder 5
|
||||
---------------------
|
||||
|
||||
* Configure for building with Borland Builder:
|
||||
> perl Configure BC-32
|
||||
|
||||
* Create the appropriate makefile
|
||||
> ms\do_nasm
|
||||
|
||||
* Build
|
||||
> make -f ms\bcb.mak
|
||||
|
||||
Borland C++ builder 3 and 4
|
||||
---------------------------
|
||||
|
||||
|
2
NEWS
2
NEWS
@ -56,7 +56,7 @@
|
||||
o Bug fixes for Win32, HP/UX and Irix.
|
||||
o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
|
||||
memory checking routines.
|
||||
o Bug fixes for RSA operations in threaded enviroments.
|
||||
o Bug fixes for RSA operations in threaded environments.
|
||||
o Bug fixes in misc. openssl applications.
|
||||
o Remove a few potential memory leaks.
|
||||
o Add tighter checks of BIGNUM routines.
|
||||
|
8
PROBLEMS
8
PROBLEMS
@ -1,11 +1,5 @@
|
||||
* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X.
|
||||
|
||||
|
||||
NOTE: The problem described here only applies when OpenSSL isn't built
|
||||
with shared library support (i.e. without the "shared" configuration
|
||||
option). If you build with shared library support, you will have no
|
||||
problems as long as you set up DYLD_LIBRARY_PATH properly at all times.
|
||||
|
||||
[NOTE: This is currently undergoing tests, and may be removed soon]
|
||||
|
||||
This is really a misfeature in ld, which seems to look for .dylib libraries
|
||||
along the whole library path before it bothers looking for .a libraries. This
|
||||
|
6
README
6
README
@ -146,11 +146,13 @@
|
||||
- Problem Description (steps that will reproduce the problem, if known)
|
||||
- Stack Traceback (if the application dumps core)
|
||||
|
||||
Report the bug to the OpenSSL project at:
|
||||
Report the bug to the OpenSSL project via the Request Tracker
|
||||
(http://www.openssl.org/rt2.html) by mail to:
|
||||
|
||||
openssl-bugs@openssl.org
|
||||
|
||||
Note that mail to openssl-bugs@openssl.org is forwarded to a public
|
||||
Note that mail to openssl-bugs@openssl.org is recorded in the publicly
|
||||
readable request tracker database and is forwarded to a public
|
||||
mailing list. Confidential mail may be sent to openssl-security@openssl.org
|
||||
(PGP key available from the key servers).
|
||||
|
||||
|
@ -90,7 +90,7 @@ int MAIN(int argc, char **argv)
|
||||
int informat,outformat;
|
||||
char *infile,*outfile,*prog;
|
||||
int print_certs=0,text=0,noout=0;
|
||||
int ret=0;
|
||||
int ret=1;
|
||||
char *engine=NULL;
|
||||
|
||||
apps_startup();
|
||||
|
@ -500,9 +500,9 @@ int MAIN(int argc, char **argv)
|
||||
} else if(operation == SMIME_PK7OUT) {
|
||||
PEM_write_bio_PKCS7(out, p7);
|
||||
} else {
|
||||
if(to) BIO_printf(out, "To: %s\n", to);
|
||||
if(from) BIO_printf(out, "From: %s\n", from);
|
||||
if(subject) BIO_printf(out, "Subject: %s\n", subject);
|
||||
if(to) BIO_printf(out, "To: %s\r\n", to);
|
||||
if(from) BIO_printf(out, "From: %s\r\n", from);
|
||||
if(subject) BIO_printf(out, "Subject: %s\r\n", subject);
|
||||
if(outformat == FORMAT_SMIME)
|
||||
SMIME_write_PKCS7(out, p7, in, flags);
|
||||
else if(outformat == FORMAT_PEM)
|
||||
|
@ -211,7 +211,7 @@ ascii2ebcdic(void *dest, const void *srce, size_t count)
|
||||
}
|
||||
|
||||
#else /*CHARSET_EBCDIC*/
|
||||
#if defined(PEDANTIC) || defined(VMS) || defined(__VMS)
|
||||
#if defined(PEDANTIC) || defined(VMS) || defined(__VMS) || defined(_DARWIN)
|
||||
static void *dummy=&dummy;
|
||||
#endif
|
||||
#endif
|
||||
|
@ -61,7 +61,9 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#ifndef HEADER_PEM_H
|
||||
void ERR_load_PEM_strings(void);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
@ -209,7 +209,7 @@ sub using486
|
||||
|
||||
sub main'file
|
||||
{
|
||||
push(@out, "segment .text\n");
|
||||
push(@out, "segment .text use32\n");
|
||||
}
|
||||
|
||||
sub main'function_begin
|
||||
|
@ -141,8 +141,8 @@ union {
|
||||
#define PKCS12_ERROR 0
|
||||
#define PKCS12_OK 1
|
||||
|
||||
#define M_PKCS12_bag_type(bag) OBJ_obj2nid(bag->type)
|
||||
#define M_PKCS12_cert_bag_type(bag) OBJ_obj2nid(bag->value.bag->type)
|
||||
#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
|
||||
#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
|
||||
#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
|
||||
|
||||
#define M_PKCS12_x5092certbag(x509) \
|
||||
|
@ -6,12 +6,13 @@ crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates.
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<openssl> B<pkcs7>
|
||||
B<openssl> B<crl2pkcs7>
|
||||
[B<-inform PEM|DER>]
|
||||
[B<-outform PEM|DER>]
|
||||
[B<-in filename>]
|
||||
[B<-out filename>]
|
||||
[B<-print_certs>]
|
||||
[B<-certfile filename>]
|
||||
[B<-nocrl>]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
|
@ -26,7 +26,7 @@ as described in L<RSA_get_ex_new_index(3)>.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<RSA_get_ex_new_index()|RSA_get_ex_new_index()>, L<dh(3)|dh(3)>
|
||||
L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dh(3)|dh(3)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
|
@ -192,7 +192,7 @@ in code that must be recompiled if the size of B<EVP_MD_CTX> increases.
|
||||
|
||||
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
|
||||
L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
|
||||
L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
|
||||
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
|
@ -75,7 +75,7 @@ L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
|
||||
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
|
||||
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
|
||||
L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
|
||||
L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
|
||||
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
|
@ -62,7 +62,7 @@ L<EVP_SignInit(3)|EVP_SignInit(3)>,
|
||||
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
|
||||
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
|
||||
L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
|
||||
L<sha(3)|sha(3)>, L<digest(1)|digest(1)>
|
||||
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
|
@ -172,7 +172,7 @@ ERR_get_string_table(void) respectively.
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
|
||||
L<CRYPTO_set_locking_callback(3)|<CRYPTO_set_locking_callback(3)>,
|
||||
L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
|
||||
L<ERR_get_error(3)|ERR_get_error(3)>,
|
||||
L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
|
||||
L<ERR_clear_error(3)|ERR_clear_error(3)>,
|
||||
|
@ -111,7 +111,7 @@ L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
|
||||
L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
|
||||
L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
|
||||
L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
|
||||
L<RSA_sign_ASN_OCTET_STRING(3)|RSA_sign_ASN_OCTET_STRING(3)>,
|
||||
L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
|
||||
L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)>
|
||||
|
||||
=cut
|
||||
|
@ -27,7 +27,7 @@ case is the size 0, which is used for unlimited size.
|
||||
|
||||
When the maximum number of sessions is reached, no more new sessions are
|
||||
added to the cache. New space may be added by calling
|
||||
L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)> to remove
|
||||
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> to remove
|
||||
expired sessions.
|
||||
|
||||
If the size of the session cache is reduced and more sessions are already
|
||||
@ -46,6 +46,6 @@ SSL_CTX_sess_get_cache_size() returns the currently valid size.
|
||||
L<ssl(3)|ssl(3)>,
|
||||
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
|
||||
L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
|
||||
L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)>
|
||||
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
|
||||
|
||||
=cut
|
||||
|
@ -79,7 +79,7 @@ L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
|
||||
|
||||
L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
|
||||
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
|
||||
L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)>,
|
||||
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
|
||||
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
|
||||
|
||||
=cut
|
||||
|
@ -35,7 +35,7 @@ operation (|). Options can only be added but can never be reset.
|
||||
SSL_CTX_set_options() and SSL_set_options() affect the (external)
|
||||
protocol behaviour of the SSL library. The (internal) behaviour of
|
||||
the API can be changed by using the similar
|
||||
L<SSL_CTX_set_modes(3)|SSL_CTX_set_modes(3)> and SSL_set_modes() functions.
|
||||
L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
|
||||
|
||||
During a handshake, the option settings of the SSL object are used. When
|
||||
a new SSL object is created from a context using SSL_new(), the current
|
||||
|
@ -3,54 +3,54 @@ echo Generating x86 for MASM assember
|
||||
|
||||
echo Bignum
|
||||
cd crypto\bn\asm
|
||||
perl x86.pl win32 > bn-win32.asm
|
||||
perl x86.pl win32 > bn_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo DES
|
||||
cd crypto\des\asm
|
||||
perl des-586.pl win32 > d-win32.asm
|
||||
perl des-586.pl win32 > d_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo "crypt(3)"
|
||||
|
||||
cd crypto\des\asm
|
||||
perl crypt586.pl win32 > y-win32.asm
|
||||
perl crypt586.pl win32 > y_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo Blowfish
|
||||
|
||||
cd crypto\bf\asm
|
||||
perl bf-586.pl win32 > b-win32.asm
|
||||
perl bf-586.pl win32 > b_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo CAST5
|
||||
cd crypto\cast\asm
|
||||
perl cast-586.pl win32 > c-win32.asm
|
||||
perl cast-586.pl win32 > c_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo RC4
|
||||
cd crypto\rc4\asm
|
||||
perl rc4-586.pl win32 > r4-win32.asm
|
||||
perl rc4-586.pl win32 > r4_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo MD5
|
||||
cd crypto\md5\asm
|
||||
perl md5-586.pl win32 > m5-win32.asm
|
||||
perl md5-586.pl win32 > m5_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo SHA1
|
||||
cd crypto\sha\asm
|
||||
perl sha1-586.pl win32 > s1-win32.asm
|
||||
perl sha1-586.pl win32 > s1_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo RIPEMD160
|
||||
cd crypto\ripemd\asm
|
||||
perl rmd-586.pl win32 > rm-win32.asm
|
||||
perl rmd-586.pl win32 > rm_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo RC5\32
|
||||
cd crypto\rc5\asm
|
||||
perl rc5-586.pl win32 > r5-win32.asm
|
||||
perl rc5-586.pl win32 > r5_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo on
|
||||
|
@ -4,54 +4,54 @@ echo Generating x86 for NASM assember
|
||||
|
||||
echo Bignum
|
||||
cd crypto\bn\asm
|
||||
perl x86.pl win32n > bn-win32.asm
|
||||
perl x86.pl win32n > bn_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo DES
|
||||
cd crypto\des\asm
|
||||
perl des-586.pl win32n > d-win32.asm
|
||||
perl des-586.pl win32n > d_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo "crypt(3)"
|
||||
|
||||
cd crypto\des\asm
|
||||
perl crypt586.pl win32n > y-win32.asm
|
||||
perl crypt586.pl win32n > y_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo Blowfish
|
||||
|
||||
cd crypto\bf\asm
|
||||
perl bf-586.pl win32n > b-win32.asm
|
||||
perl bf-586.pl win32n > b_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo CAST5
|
||||
cd crypto\cast\asm
|
||||
perl cast-586.pl win32n > c-win32.asm
|
||||
perl cast-586.pl win32n > c_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo RC4
|
||||
cd crypto\rc4\asm
|
||||
perl rc4-586.pl win32n > r4-win32.asm
|
||||
perl rc4-586.pl win32n > r4_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo MD5
|
||||
cd crypto\md5\asm
|
||||
perl md5-586.pl win32n > m5-win32.asm
|
||||
perl md5-586.pl win32n > m5_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo SHA1
|
||||
cd crypto\sha\asm
|
||||
perl sha1-586.pl win32n > s1-win32.asm
|
||||
perl sha1-586.pl win32n > s1_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo RIPEMD160
|
||||
cd crypto\ripemd\asm
|
||||
perl rmd-586.pl win32n > rm-win32.asm
|
||||
perl rmd-586.pl win32n > rm_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo RC5\32
|
||||
cd crypto\rc5\asm
|
||||
perl rc5-586.pl win32n > r5-win32.asm
|
||||
perl rc5-586.pl win32n > r5_win32.asm
|
||||
cd ..\..\..
|
||||
|
||||
echo on
|
||||
@ -62,6 +62,7 @@ rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak
|
||||
perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak
|
||||
perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak
|
||||
perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak
|
||||
perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak
|
||||
|
||||
perl util\mkdef.pl 16 libeay > ms\libeay16.def
|
||||
perl util\mkdef.pl 32 libeay > ms\libeay32.def
|
||||
|
@ -76,7 +76,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
|
||||
SSL2_TXT_NULL_WITH_MD5,
|
||||
SSL2_CK_NULL_WITH_MD5,
|
||||
SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
SSL_ALL_CIPHERS,
|
||||
@ -196,6 +197,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
|
||||
SSL2_TXT_NULL,
|
||||
SSL2_CK_NULL,
|
||||
0,
|
||||
SSL_STRONG_NONE,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
|
10
ssl/s3_enc.c
10
ssl/s3_enc.c
@ -368,10 +368,16 @@ int ssl3_setup_key_block(SSL *s)
|
||||
*/
|
||||
s->s3->need_empty_fragments = 1;
|
||||
|
||||
if (s->session->cipher != NULL)
|
||||
{
|
||||
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
|
||||
s->s3->need_empty_fragments = 0;
|
||||
|
||||
#ifndef NO_RC4
|
||||
if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4))
|
||||
s->s3->need_empty_fragments = 0;
|
||||
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
|
||||
s->s3->need_empty_fragments = 0;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
return(1);
|
||||
|
@ -129,7 +129,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL3_TXT_RSA_NULL_MD5,
|
||||
SSL3_CK_RSA_NULL_MD5,
|
||||
SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
|
||||
SSL_NOT_EXP,
|
||||
SSL_NOT_EXP|SSL_STRONG_NONE,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
@ -142,7 +142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL3_TXT_RSA_NULL_SHA,
|
||||
SSL3_CK_RSA_NULL_SHA,
|
||||
SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
|
||||
SSL_NOT_EXP,
|
||||
SSL_NOT_EXP|SSL_STRONG_NONE,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
@ -490,7 +490,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL3_TXT_FZA_DMS_NULL_SHA,
|
||||
SSL3_CK_FZA_DMS_NULL_SHA,
|
||||
SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
|
||||
SSL_NOT_EXP,
|
||||
SSL_NOT_EXP|SSL_STRONG_NONE,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
@ -504,7 +504,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL3_TXT_FZA_DMS_FZA_SHA,
|
||||
SSL3_CK_FZA_DMS_FZA_SHA,
|
||||
SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
|
||||
SSL_NOT_EXP,
|
||||
SSL_NOT_EXP|SSL_STRONG_NONE,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
|
@ -283,16 +283,17 @@
|
||||
#define SSL_NOT_EXP 0x00000001L
|
||||
#define SSL_EXPORT 0x00000002L
|
||||
|
||||
#define SSL_STRONG_MASK 0x0000007cL
|
||||
#define SSL_EXP40 0x00000004L
|
||||
#define SSL_STRONG_MASK 0x000000fcL
|
||||
#define SSL_STRONG_NONE 0x00000004L
|
||||
#define SSL_EXP40 0x00000008L
|
||||
#define SSL_MICRO (SSL_EXP40)
|
||||
#define SSL_EXP56 0x00000008L
|
||||
#define SSL_EXP56 0x00000010L
|
||||
#define SSL_MINI (SSL_EXP56)
|
||||
#define SSL_LOW 0x00000010L
|
||||
#define SSL_MEDIUM 0x00000020L
|
||||
#define SSL_HIGH 0x00000040L
|
||||
#define SSL_LOW 0x00000020L
|
||||
#define SSL_MEDIUM 0x00000040L
|
||||
#define SSL_HIGH 0x00000080L
|
||||
|
||||
/* we have used 0000007f - 25 bits left to go */
|
||||
/* we have used 000000ff - 24 bits left to go */
|
||||
|
||||
/*
|
||||
* Macros to check the export status and cipher strength for export ciphers.
|
||||
|
10
ssl/t1_enc.c
10
ssl/t1_enc.c
@ -440,10 +440,16 @@ printf("\nkey block\n");
|
||||
*/
|
||||
s->s3->need_empty_fragments = 1;
|
||||
|
||||
if (s->session->cipher != NULL)
|
||||
{
|
||||
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
|
||||
s->s3->need_empty_fragments = 0;
|
||||
|
||||
#ifndef NO_RC4
|
||||
if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4))
|
||||
s->s3->need_empty_fragments = 0;
|
||||
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
|
||||
s->s3->need_empty_fragments = 0;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
return(1);
|
||||
|
@ -98,7 +98,7 @@ $out_def="out";
|
||||
$inc_def="outinc";
|
||||
$tmp_def="tmp";
|
||||
|
||||
$mkdir="mkdir";
|
||||
$mkdir="-mkdir";
|
||||
|
||||
($ssl,$crypto)=("ssl","crypto");
|
||||
$RSAglue="RSAglue";
|
||||
|
@ -65,24 +65,24 @@ $bf_enc_src='';
|
||||
|
||||
if (!$no_asm)
|
||||
{
|
||||
$bn_mulw_obj='crypto\bn\asm\bn-win32.obj';
|
||||
$bn_mulw_src='crypto\bn\asm\bn-win32.asm';
|
||||
$des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj';
|
||||
$des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm';
|
||||
$bf_enc_obj='crypto\bf\asm\b-win32.obj';
|
||||
$bf_enc_src='crypto\bf\asm\b-win32.asm';
|
||||
$cast_enc_obj='crypto\cast\asm\c-win32.obj';
|
||||
$cast_enc_src='crypto\cast\asm\c-win32.asm';
|
||||
$rc4_enc_obj='crypto\rc4\asm\r4-win32.obj';
|
||||
$rc4_enc_src='crypto\rc4\asm\r4-win32.asm';
|
||||
$rc5_enc_obj='crypto\rc5\asm\r5-win32.obj';
|
||||
$rc5_enc_src='crypto\rc5\asm\r5-win32.asm';
|
||||
$md5_asm_obj='crypto\md5\asm\m5-win32.obj';
|
||||
$md5_asm_src='crypto\md5\asm\m5-win32.asm';
|
||||
$sha1_asm_obj='crypto\sha\asm\s1-win32.obj';
|
||||
$sha1_asm_src='crypto\sha\asm\s1-win32.asm';
|
||||
$rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj';
|
||||
$rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm';
|
||||
$bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
|
||||
$bn_mulw_src='crypto\bn\asm\bn_win32.asm';
|
||||
$des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
|
||||
$des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
|
||||
$bf_enc_obj='crypto\bf\asm\b_win32.obj';
|
||||
$bf_enc_src='crypto\bf\asm\b_win32.asm';
|
||||
$cast_enc_obj='crypto\cast\asm\c_win32.obj';
|
||||
$cast_enc_src='crypto\cast\asm\c_win32.asm';
|
||||
$rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
|
||||
$rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
|
||||
$rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
|
||||
$rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
|
||||
$md5_asm_obj='crypto\md5\asm\m5_win32.obj';
|
||||
$md5_asm_src='crypto\md5\asm\m5_win32.asm';
|
||||
$sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
|
||||
$sha1_asm_src='crypto\sha\asm\s1_win32.asm';
|
||||
$rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
|
||||
$rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
|
||||
$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
|
||||
}
|
||||
|
||||
|
@ -67,24 +67,24 @@ $bf_enc_src='';
|
||||
|
||||
if (!$no_asm)
|
||||
{
|
||||
$bn_asm_obj='crypto\bn\asm\bn-win32.obj';
|
||||
$bn_asm_src='crypto\bn\asm\bn-win32.asm';
|
||||
$des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj';
|
||||
$des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm';
|
||||
$bf_enc_obj='crypto\bf\asm\b-win32.obj';
|
||||
$bf_enc_src='crypto\bf\asm\b-win32.asm';
|
||||
$cast_enc_obj='crypto\cast\asm\c-win32.obj';
|
||||
$cast_enc_src='crypto\cast\asm\c-win32.asm';
|
||||
$rc4_enc_obj='crypto\rc4\asm\r4-win32.obj';
|
||||
$rc4_enc_src='crypto\rc4\asm\r4-win32.asm';
|
||||
$rc5_enc_obj='crypto\rc5\asm\r5-win32.obj';
|
||||
$rc5_enc_src='crypto\rc5\asm\r5-win32.asm';
|
||||
$md5_asm_obj='crypto\md5\asm\m5-win32.obj';
|
||||
$md5_asm_src='crypto\md5\asm\m5-win32.asm';
|
||||
$sha1_asm_obj='crypto\sha\asm\s1-win32.obj';
|
||||
$sha1_asm_src='crypto\sha\asm\s1-win32.asm';
|
||||
$rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj';
|
||||
$rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm';
|
||||
$bn_asm_obj='crypto\bn\asm\bn_win32.obj';
|
||||
$bn_asm_src='crypto\bn\asm\bn_win32.asm';
|
||||
$des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
|
||||
$des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
|
||||
$bf_enc_obj='crypto\bf\asm\b_win32.obj';
|
||||
$bf_enc_src='crypto\bf\asm\b_win32.asm';
|
||||
$cast_enc_obj='crypto\cast\asm\c_win32.obj';
|
||||
$cast_enc_src='crypto\cast\asm\c_win32.asm';
|
||||
$rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
|
||||
$rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
|
||||
$rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
|
||||
$rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
|
||||
$md5_asm_obj='crypto\md5\asm\m5_win32.obj';
|
||||
$md5_asm_src='crypto\md5\asm\m5_win32.asm';
|
||||
$sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
|
||||
$sha1_asm_src='crypto\sha\asm\s1_win32.asm';
|
||||
$rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
|
||||
$rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
|
||||
$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user