Many security improvements (CHATS) and a warning fix.
85
CHANGES
85
CHANGES
@@ -4,6 +4,91 @@
|
|||||||
|
|
||||||
Changes between 0.9.6h and 0.9.7 [XX xxx 2002]
|
Changes between 0.9.6h and 0.9.7 [XX xxx 2002]
|
||||||
|
|
||||||
|
*) Introduce safe string copy and catenation functions
|
||||||
|
(BUF_strlcpy() and BUF_strlcat()).
|
||||||
|
[Ben Laurie (CHATS) and Richard Levitte]
|
||||||
|
|
||||||
|
*) Avoid using fixed-size buffers for one-line DNs.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Add BUF_MEM_grow_clean() to avoid information leakage when
|
||||||
|
resizing buffers containing secrets, and use where appropriate.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Avoid using fixed size buffers for configuration file location.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Avoid filename truncation for various CA files.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Use sizeof in preference to magic numbers.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Avoid filename truncation in cert requests.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) New OPENSSL_assert() macro (similar to assert(), but enabled
|
||||||
|
unconditionally).
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Add assertions to check for (supposedly impossible) buffer
|
||||||
|
overflows.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Don't cache truncated DNS entries in the local cache (this could
|
||||||
|
potentially lead to a spoofing attack).
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Fix various buffers to be large enough for hex/decimal
|
||||||
|
representations in a platform independent manner.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Add CRYPTO_realloc_clean() to avoid information leakage when
|
||||||
|
resizing buffers containing secrets, and use where appropriate.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Add BIO_indent() to avoid much slightly worrying code to do
|
||||||
|
indents.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Convert sprintf()/BIO_puts() to BIO_printf().
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) buffer_gets() could terminate with the buffer only half
|
||||||
|
full. Fixed.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Add assertions to prevent crypto functions from overflowing
|
||||||
|
internal buffers by having large block sizes, etc.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Eliminate unused copy of key in RC4.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Eliminate unused and incorrectly sized buffers for IV in pem.h.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Fix off-by-one error in EGD path.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) If RANDFILE path is too long, ignore instead of truncating.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Eliminate unused and incorrectly sized X.509 structure
|
||||||
|
CBCParameter.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Eliminate unused and dangerous function knumber().
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Eliminate unused and dangerous structure, KSSL_ERR.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
|
*) Protect against overlong session ID context length in an encoded
|
||||||
|
session object. Since these are local, this does not appear to be
|
||||||
|
exploitable.
|
||||||
|
[Ben Laurie (CHATS)]
|
||||||
|
|
||||||
*) Change from security patch (see 0.9.6e below) that did not affect
|
*) Change from security patch (see 0.9.6e below) that did not affect
|
||||||
the 0.9.6 release series:
|
the 0.9.6 release series:
|
||||||
|
|
||||||
|
@@ -762,30 +762,30 @@ rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
|
|||||||
rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
|
rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
|
||||||
rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
|
rand.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
|
||||||
rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c
|
rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rand.c
|
||||||
req.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
||||||
req.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||||
req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
||||||
req.o: ../include/openssl/cast.h ../include/openssl/conf.h
|
req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
|
||||||
req.o: ../include/openssl/crypto.h ../include/openssl/des.h
|
req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
|
||||||
req.o: ../include/openssl/des_old.h ../include/openssl/dh.h
|
req.o: ../include/openssl/des.h ../include/openssl/des_old.h
|
||||||
req.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
|
req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
|
||||||
req.o: ../include/openssl/engine.h ../include/openssl/err.h
|
req.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
|
||||||
req.o: ../include/openssl/evp.h ../include/openssl/idea.h
|
req.o: ../include/openssl/err.h ../include/openssl/evp.h
|
||||||
req.o: ../include/openssl/lhash.h ../include/openssl/md2.h
|
req.o: ../include/openssl/idea.h ../include/openssl/lhash.h
|
||||||
req.o: ../include/openssl/md4.h ../include/openssl/md5.h
|
req.o: ../include/openssl/md2.h ../include/openssl/md4.h
|
||||||
req.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
|
req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
|
||||||
req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
||||||
req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
||||||
req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
|
req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
|
||||||
req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
|
req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
|
||||||
req.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
|
req.o: ../include/openssl/rand.h ../include/openssl/rc2.h
|
||||||
req.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
|
req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
|
||||||
req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
|
req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
|
||||||
req.o: ../include/openssl/sha.h ../include/openssl/stack.h
|
req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
|
||||||
req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
|
req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
||||||
req.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
|
req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
|
||||||
req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
|
req.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
||||||
req.o: ../include/openssl/x509v3.h apps.h req.c
|
req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
|
||||||
rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
||||||
rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
||||||
rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
||||||
|
41
apps/apps.c
41
apps/apps.c
@@ -337,8 +337,7 @@ void program_name(char *in, char *out, int size)
|
|||||||
p++;
|
p++;
|
||||||
else
|
else
|
||||||
p=in;
|
p=in;
|
||||||
strncpy(out,p,size-1);
|
BUF_strlcpy(out,p,size);
|
||||||
out[size-1]='\0';
|
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
@@ -447,16 +446,20 @@ int app_init(long mesgwin)
|
|||||||
|
|
||||||
int dump_cert_text (BIO *out, X509 *x)
|
int dump_cert_text (BIO *out, X509 *x)
|
||||||
{
|
{
|
||||||
char buf[256];
|
char *p;
|
||||||
X509_NAME_oneline(X509_get_subject_name(x),buf,256);
|
|
||||||
BIO_puts(out,"subject=");
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
|
|
||||||
X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
|
p=X509_NAME_oneline(X509_get_subject_name(x),NULL,0);
|
||||||
BIO_puts(out,"\nissuer= ");
|
BIO_puts(out,"subject=");
|
||||||
BIO_puts(out,buf);
|
BIO_puts(out,p);
|
||||||
|
OPENSSL_free(p);
|
||||||
|
|
||||||
|
p=X509_NAME_oneline(X509_get_issuer_name(x),NULL,0);
|
||||||
|
BIO_puts(out,"\nissuer=");
|
||||||
|
BIO_puts(out,p);
|
||||||
BIO_puts(out,"\n");
|
BIO_puts(out,"\n");
|
||||||
return 0;
|
OPENSSL_free(p);
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ui_open(UI *ui)
|
static int ui_open(UI *ui)
|
||||||
@@ -978,7 +981,7 @@ load_netscape_key(BIO *err, BIO *key, const char *file,
|
|||||||
goto error;
|
goto error;
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
if (!BUF_MEM_grow(buf,size+1024*10))
|
if (!BUF_MEM_grow_clean(buf,size+1024*10))
|
||||||
goto error;
|
goto error;
|
||||||
i = BIO_read(key, &(buf->data[size]), 1024*10);
|
i = BIO_read(key, &(buf->data[size]), 1024*10);
|
||||||
size += i;
|
size += i;
|
||||||
@@ -1253,6 +1256,7 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
|
|||||||
char *buf;
|
char *buf;
|
||||||
char mline = 0;
|
char mline = 0;
|
||||||
int indent = 0;
|
int indent = 0;
|
||||||
|
|
||||||
if(title) BIO_puts(out, title);
|
if(title) BIO_puts(out, title);
|
||||||
if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
|
if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
|
||||||
mline = 1;
|
mline = 1;
|
||||||
@@ -1374,3 +1378,18 @@ int load_config(BIO *err, CONF *cnf)
|
|||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
char *make_config_name()
|
||||||
|
{
|
||||||
|
const char *t=X509_get_default_cert_area();
|
||||||
|
char *p;
|
||||||
|
|
||||||
|
p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
|
||||||
|
strcpy(p,t);
|
||||||
|
#ifndef OPENSSL_SYS_VMS
|
||||||
|
strcat(p,"/");
|
||||||
|
#endif
|
||||||
|
strcat(p,OPENSSL_CONF);
|
||||||
|
|
||||||
|
return p;
|
||||||
|
}
|
||||||
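Review bot: In the new make_config_name() the result of `OPENSSL_malloc()` goes straight into `strcpy(p,t)`, so an allocation failure becomes a write through NULL; add `if (p == NULL) return NULL;` after the allocation and let the callers handle a missing name. The definition is written `char *make_config_name()` while the prototype added to apps.h is `char *make_config_name(void);`; use `(void)` in both. The rewritten dump_cert_text has the same gap: `X509_NAME_oneline(...,NULL,0)` hands back a heap string that can presumably be NULL on failure, and it is passed to `BIO_puts(out,p)` unchecked.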
|
@@ -251,6 +251,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
|
|||||||
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
|
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
|
||||||
|
|
||||||
int load_config(BIO *err, CONF *cnf);
|
int load_config(BIO *err, CONF *cnf);
|
||||||
|
char *make_config_name(void);
|
||||||
|
|
||||||
/* Functions defined in ca.c and also used in ocsp.c */
|
/* Functions defined in ca.c and also used in ocsp.c */
|
||||||
int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
|
int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
|
||||||
|
56
apps/ca.c
56
apps/ca.c
@@ -334,6 +334,7 @@ int MAIN(int argc, char **argv)
|
|||||||
MS_STATIC char buf[3][BSIZE];
|
MS_STATIC char buf[3][BSIZE];
|
||||||
char *randfile=NULL;
|
char *randfile=NULL;
|
||||||
char *engine = NULL;
|
char *engine = NULL;
|
||||||
|
char *tofree=NULL;
|
||||||
|
|
||||||
#ifdef EFENCE
|
#ifdef EFENCE
|
||||||
EF_PROTECT_FREE=1;
|
EF_PROTECT_FREE=1;
|
||||||
@@ -561,25 +562,26 @@ bad:
|
|||||||
|
|
||||||
ERR_load_crypto_strings();
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
e = setup_engine(bio_err, engine, 0);
|
e = setup_engine(bio_err, engine, 0);
|
||||||
|
|
||||||
/*****************************************************************/
|
/*****************************************************************/
|
||||||
|
tofree=NULL;
|
||||||
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
|
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
|
||||||
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
|
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
|
||||||
if (configfile == NULL)
|
if (configfile == NULL)
|
||||||
{
|
{
|
||||||
/* We will just use 'buf[0]' as a temporary buffer. */
|
const char *s=X509_get_default_cert_area();
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_VMS
|
#ifdef OPENSSL_SYS_VMS
|
||||||
strncpy(buf[0],X509_get_default_cert_area(),
|
tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
|
||||||
sizeof(buf[0])-1-sizeof(CONFIG_FILE));
|
strcpy(tofree,s);
|
||||||
#else
|
#else
|
||||||
strncpy(buf[0],X509_get_default_cert_area(),
|
tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
|
||||||
sizeof(buf[0])-2-sizeof(CONFIG_FILE));
|
strcpy(tofree,s);
|
||||||
buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
|
strcat(tofree,"/");
|
||||||
strcat(buf[0],"/");
|
|
||||||
#endif
|
#endif
|
||||||
strcat(buf[0],CONFIG_FILE);
|
strcat(tofree,CONFIG_FILE);
|
||||||
configfile=buf[0];
|
configfile=tofree;
|
||||||
}
|
}
|
||||||
|
|
||||||
BIO_printf(bio_err,"Using configuration from %s\n",configfile);
|
BIO_printf(bio_err,"Using configuration from %s\n",configfile);
|
||||||
@@ -594,6 +596,8 @@ bad:
|
|||||||
,errorline,configfile);
|
,errorline,configfile);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
if(tofree)
|
||||||
|
OPENSSL_free(tofree);
|
||||||
|
|
||||||
if (!load_config(bio_err, conf))
|
if (!load_config(bio_err, conf))
|
||||||
goto err;
|
goto err;
|
||||||
@@ -1286,8 +1290,13 @@ bad:
|
|||||||
|
|
||||||
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
|
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
|
||||||
|
|
||||||
strncpy(buf[0],serialfile,BSIZE-4);
|
if(strlen(serialfile) > BSIZE-5 || strlen(dbfile) > BSIZE-5)
|
||||||
buf[0][BSIZE-4]='\0';
|
{
|
||||||
|
BIO_printf(bio_err,"file name too long\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
strcpy(buf[0],serialfile);
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_VMS
|
#ifdef OPENSSL_SYS_VMS
|
||||||
strcat(buf[0],"-new");
|
strcat(buf[0],"-new");
|
||||||
@@ -1297,8 +1306,7 @@ bad:
|
|||||||
|
|
||||||
if (!save_serial(buf[0],serial)) goto err;
|
if (!save_serial(buf[0],serial)) goto err;
|
||||||
|
|
||||||
strncpy(buf[1],dbfile,BSIZE-4);
|
strcpy(buf[1],dbfile);
|
||||||
buf[1][BSIZE-4]='\0';
|
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_VMS
|
#ifdef OPENSSL_SYS_VMS
|
||||||
strcat(buf[1],"-new");
|
strcat(buf[1],"-new");
|
||||||
@@ -1328,8 +1336,13 @@ bad:
|
|||||||
j=x->cert_info->serialNumber->length;
|
j=x->cert_info->serialNumber->length;
|
||||||
p=(char *)x->cert_info->serialNumber->data;
|
p=(char *)x->cert_info->serialNumber->data;
|
||||||
|
|
||||||
strncpy(buf[2],outdir,BSIZE-(j*2)-6);
|
if(strlen(outdir) >= (j ? BSIZE-j*2-6 : BSIZE-8))
|
||||||
buf[2][BSIZE-(j*2)-6]='\0';
|
{
|
||||||
|
BIO_printf(bio_err,"certificate file name too long\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
strcpy(buf[2],outdir);
|
||||||
|
|
||||||
#ifndef OPENSSL_SYS_VMS
|
#ifndef OPENSSL_SYS_VMS
|
||||||
strcat(buf[2],"/");
|
strcat(buf[2],"/");
|
||||||
@@ -1563,8 +1576,13 @@ bad:
|
|||||||
if (j <= 0) goto err;
|
if (j <= 0) goto err;
|
||||||
X509_free(revcert);
|
X509_free(revcert);
|
||||||
|
|
||||||
strncpy(buf[0],dbfile,BSIZE-4);
|
if(strlen(dbfile) > BSIZE-5)
|
||||||
buf[0][BSIZE-4]='\0';
|
{
|
||||||
|
BIO_printf(bio_err,"filename too long\n");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
strcpy(buf[0],dbfile);
|
||||||
#ifndef OPENSSL_SYS_VMS
|
#ifndef OPENSSL_SYS_VMS
|
||||||
strcat(buf[0],".new");
|
strcat(buf[0],".new");
|
||||||
#else
|
#else
|
||||||
@@ -1608,6 +1626,8 @@ bad:
|
|||||||
/*****************************************************************/
|
/*****************************************************************/
|
||||||
ret=0;
|
ret=0;
|
||||||
err:
|
err:
|
||||||
|
if(tofree)
|
||||||
|
OPENSSL_free(tofree);
|
||||||
BIO_free_all(Cout);
|
BIO_free_all(Cout);
|
||||||
BIO_free_all(Sout);
|
BIO_free_all(Sout);
|
||||||
BIO_free_all(out);
|
BIO_free_all(out);
|
||||||
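Review bot: tofree can be freed twice. The hunk at -594 releases it right after the configuration is loaded but does not reset it, and the `err:` label at the end of MAIN now frees it again, so a failing `load_config()` (the very next statement) or any later `goto err` double-frees the buffer whenever the default path was built. Reset the pointer at the first free, e.g. `if(tofree) { OPENSSL_free(tofree); tofree=NULL; }`. configfile also keeps pointing at the freed buffer from that point on; if MAIN reads it later (not visible in these hunks), leave the release to `err:` alone. The `OPENSSL_malloc()` results in the -561 hunk are also handed to `strcpy()` without a NULL check.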
|
@@ -187,7 +187,7 @@ int MAIN(int argc, char **argv)
|
|||||||
{
|
{
|
||||||
BIO_puts(STDout,SSL_CIPHER_description(
|
BIO_puts(STDout,SSL_CIPHER_description(
|
||||||
sk_SSL_CIPHER_value(sk,i),
|
sk_SSL_CIPHER_value(sk,i),
|
||||||
buf,512));
|
buf,sizeof buf));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@@ -117,7 +117,7 @@ int MAIN(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* first check the program name */
|
/* first check the program name */
|
||||||
program_name(argv[0],pname,PROG_NAME_SIZE);
|
program_name(argv[0],pname,sizeof pname);
|
||||||
|
|
||||||
md=EVP_get_digestbyname(pname);
|
md=EVP_get_digestbyname(pname);
|
||||||
|
|
||||||
|
16
apps/enc.c
16
apps/enc.c
@@ -102,7 +102,7 @@ int MAIN(int argc, char **argv)
|
|||||||
{
|
{
|
||||||
ENGINE *e = NULL;
|
ENGINE *e = NULL;
|
||||||
static const char magic[]="Salted__";
|
static const char magic[]="Salted__";
|
||||||
char mbuf[8]; /* should be 1 smaller than magic */
|
char mbuf[sizeof magic-1];
|
||||||
char *strbuf=NULL;
|
char *strbuf=NULL;
|
||||||
unsigned char *buff=NULL,*bufsize=NULL;
|
unsigned char *buff=NULL,*bufsize=NULL;
|
||||||
int bsize=BSIZE,verbose=0;
|
int bsize=BSIZE,verbose=0;
|
||||||
@@ -131,7 +131,7 @@ int MAIN(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/* first check the program name */
|
/* first check the program name */
|
||||||
program_name(argv[0],pname,PROG_NAME_SIZE);
|
program_name(argv[0],pname,sizeof pname);
|
||||||
if (strcmp(pname,"base64") == 0)
|
if (strcmp(pname,"base64") == 0)
|
||||||
base64=1;
|
base64=1;
|
||||||
|
|
||||||
@@ -216,7 +216,7 @@ int MAIN(int argc, char **argv)
|
|||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
buf[0]='\0';
|
buf[0]='\0';
|
||||||
fgets(buf,128,infile);
|
fgets(buf,sizeof buf,infile);
|
||||||
fclose(infile);
|
fclose(infile);
|
||||||
i=strlen(buf);
|
i=strlen(buf);
|
||||||
if ((i > 0) &&
|
if ((i > 0) &&
|
||||||
@@ -442,12 +442,12 @@ bad:
|
|||||||
else {
|
else {
|
||||||
if(enc) {
|
if(enc) {
|
||||||
if(hsalt) {
|
if(hsalt) {
|
||||||
if(!set_hex(hsalt,salt,PKCS5_SALT_LEN)) {
|
if(!set_hex(hsalt,salt,sizeof salt)) {
|
||||||
BIO_printf(bio_err,
|
BIO_printf(bio_err,
|
||||||
"invalid hex salt value\n");
|
"invalid hex salt value\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
} else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0)
|
} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
|
||||||
goto end;
|
goto end;
|
||||||
/* If -P option then don't bother writing */
|
/* If -P option then don't bother writing */
|
||||||
if((printkey != 2)
|
if((printkey != 2)
|
||||||
@@ -455,14 +455,14 @@ bad:
|
|||||||
sizeof magic-1) != sizeof magic-1
|
sizeof magic-1) != sizeof magic-1
|
||||||
|| BIO_write(wbio,
|
|| BIO_write(wbio,
|
||||||
(char *)salt,
|
(char *)salt,
|
||||||
PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) {
|
sizeof salt) != sizeof salt)) {
|
||||||
BIO_printf(bio_err,"error writing output file\n");
|
BIO_printf(bio_err,"error writing output file\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
} else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
|
} else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
|
||||||
|| BIO_read(rbio,
|
|| BIO_read(rbio,
|
||||||
(unsigned char *)salt,
|
(unsigned char *)salt,
|
||||||
PKCS5_SALT_LEN) != PKCS5_SALT_LEN) {
|
sizeof salt) != sizeof salt) {
|
||||||
BIO_printf(bio_err,"error reading input file\n");
|
BIO_printf(bio_err,"error reading input file\n");
|
||||||
goto end;
|
goto end;
|
||||||
} else if(memcmp(mbuf,magic,sizeof magic-1)) {
|
} else if(memcmp(mbuf,magic,sizeof magic-1)) {
|
||||||
@@ -524,7 +524,7 @@ bad:
|
|||||||
if (!nosalt)
|
if (!nosalt)
|
||||||
{
|
{
|
||||||
printf("salt=");
|
printf("salt=");
|
||||||
for (i=0; i<PKCS5_SALT_LEN; i++)
|
for (i=0; i<sizeof salt; i++)
|
||||||
printf("%02X",salt[i]);
|
printf("%02X",salt[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
}
|
}
|
||||||
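Review bot: Replacing PKCS5_SALT_LEN with `sizeof salt` turns several int comparisons into int-versus-size_t ones, namely `BIO_write(...) != sizeof salt`, `BIO_read(...) != sizeof salt` and `i<sizeof salt` (assuming i is the int used elsewhere in MAIN; its declaration is outside the hunks). The results are still correct, because a negative return converts to a large unsigned value that compares unequal, but compilers with sign-compare warnings will flag each site. A cast such as `(int)sizeof salt` at those three places keeps the size tied to the array without the mixed-sign comparison.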
|
@@ -1179,7 +1179,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port
|
|||||||
|
|
||||||
for(;;)
|
for(;;)
|
||||||
{
|
{
|
||||||
len = BIO_gets(cbio, inbuf, 1024);
|
len = BIO_gets(cbio, inbuf, sizeof inbuf);
|
||||||
if (len <= 0)
|
if (len <= 0)
|
||||||
return 1;
|
return 1;
|
||||||
/* Look for "POST" signalling start of query */
|
/* Look for "POST" signalling start of query */
|
||||||
|
@@ -218,7 +218,8 @@ int main(int Argc, char *Argv[])
|
|||||||
#define PROG_NAME_SIZE 39
|
#define PROG_NAME_SIZE 39
|
||||||
char pname[PROG_NAME_SIZE+1];
|
char pname[PROG_NAME_SIZE+1];
|
||||||
FUNCTION f,*fp;
|
FUNCTION f,*fp;
|
||||||
MS_STATIC char *prompt,buf[1024],config_name[256];
|
MS_STATIC char *prompt,buf[1024];
|
||||||
|
char *to_free=NULL;
|
||||||
int n,i,ret=0;
|
int n,i,ret=0;
|
||||||
int argc;
|
int argc;
|
||||||
char **argv,*p;
|
char **argv,*p;
|
||||||
@@ -261,14 +262,7 @@ int main(int Argc, char *Argv[])
|
|||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
p=getenv("SSLEAY_CONF");
|
p=getenv("SSLEAY_CONF");
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
{
|
p=to_free=make_config_name();
|
||||||
strcpy(config_name,X509_get_default_cert_area());
|
|
||||||
#ifndef OPENSSL_SYS_VMS
|
|
||||||
strcat(config_name,"/");
|
|
||||||
#endif
|
|
||||||
strcat(config_name,OPENSSL_CONF);
|
|
||||||
p=config_name;
|
|
||||||
}
|
|
||||||
|
|
||||||
default_config_file=p;
|
default_config_file=p;
|
||||||
|
|
||||||
@@ -284,7 +278,7 @@ int main(int Argc, char *Argv[])
|
|||||||
prog=prog_init();
|
prog=prog_init();
|
||||||
|
|
||||||
/* first check the program name */
|
/* first check the program name */
|
||||||
program_name(Argv[0],pname,PROG_NAME_SIZE);
|
program_name(Argv[0],pname,sizeof pname);
|
||||||
|
|
||||||
f.name=pname;
|
f.name=pname;
|
||||||
fp=(FUNCTION *)lh_retrieve(prog,&f);
|
fp=(FUNCTION *)lh_retrieve(prog,&f);
|
||||||
@@ -312,7 +306,7 @@ int main(int Argc, char *Argv[])
|
|||||||
{
|
{
|
||||||
ret=0;
|
ret=0;
|
||||||
p=buf;
|
p=buf;
|
||||||
n=1024;
|
n=sizeof buf;
|
||||||
i=0;
|
i=0;
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
@@ -346,6 +340,8 @@ int main(int Argc, char *Argv[])
|
|||||||
BIO_printf(bio_err,"bad exit\n");
|
BIO_printf(bio_err,"bad exit\n");
|
||||||
ret=1;
|
ret=1;
|
||||||
end:
|
end:
|
||||||
|
if (to_free)
|
||||||
|
OPENSSL_free(to_free);
|
||||||
if (config != NULL)
|
if (config != NULL)
|
||||||
{
|
{
|
||||||
NCONF_free(config);
|
NCONF_free(config);
|
||||||
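Review bot: After `p=to_free=make_config_name();`, default_config_file holds a heap pointer that the new `end:` code releases with `OPENSSL_free(to_free)`, and nothing in the visible hunks clears default_config_file afterwards. If any cleanup that runs after that label still reads it (the rest of main is outside the hunks), it would see freed memory; adding `default_config_file=NULL;` next to the free closes that off. The call also assumes make_config_name() never returns NULL, which holds only because that helper does not check its allocation.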
|
@@ -399,7 +399,7 @@ int MAIN(int argc, char **argv)
|
|||||||
#ifdef CRYPTO_MDEBUG
|
#ifdef CRYPTO_MDEBUG
|
||||||
CRYPTO_push_info("read MAC password");
|
CRYPTO_push_info("read MAC password");
|
||||||
#endif
|
#endif
|
||||||
if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert))
|
if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert))
|
||||||
{
|
{
|
||||||
BIO_printf (bio_err, "Can't read Password\n");
|
BIO_printf (bio_err, "Can't read Password\n");
|
||||||
goto end;
|
goto end;
|
||||||
@@ -545,7 +545,7 @@ int MAIN(int argc, char **argv)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(!noprompt &&
|
if(!noprompt &&
|
||||||
EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) {
|
EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) {
|
||||||
BIO_printf (bio_err, "Can't read Password\n");
|
BIO_printf (bio_err, "Can't read Password\n");
|
||||||
goto export_end;
|
goto export_end;
|
||||||
}
|
}
|
||||||
@@ -642,7 +642,7 @@ int MAIN(int argc, char **argv)
|
|||||||
#ifdef CRYPTO_MDEBUG
|
#ifdef CRYPTO_MDEBUG
|
||||||
CRYPTO_push_info("read import password");
|
CRYPTO_push_info("read import password");
|
||||||
#endif
|
#endif
|
||||||
if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) {
|
if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) {
|
||||||
BIO_printf (bio_err, "Can't read Password\n");
|
BIO_printf (bio_err, "Can't read Password\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
@@ -244,7 +244,7 @@ int MAIN(int argc, char **argv)
|
|||||||
if(passout) p8pass = passout;
|
if(passout) p8pass = passout;
|
||||||
else {
|
else {
|
||||||
p8pass = pass;
|
p8pass = pass;
|
||||||
if (EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1))
|
if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
app_RAND_load_file(NULL, bio_err, 0);
|
app_RAND_load_file(NULL, bio_err, 0);
|
||||||
@@ -302,7 +302,7 @@ int MAIN(int argc, char **argv)
|
|||||||
if(passin) p8pass = passin;
|
if(passin) p8pass = passin;
|
||||||
else {
|
else {
|
||||||
p8pass = pass;
|
p8pass = pass;
|
||||||
EVP_read_pw_string(pass, 50, "Enter Password:", 0);
|
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
|
||||||
}
|
}
|
||||||
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
|
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
|
||||||
X509_SIG_free(p8);
|
X509_SIG_free(p8);
|
||||||
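Review bot: The decrypt path in the second hunk still discards the return value of `EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);`, so a failed or cancelled prompt carries on to `strlen(p8pass)` and `PKCS8_decrypt()` with whatever pass happens to contain. The encrypt path in the first hunk already stops on a non-zero return; this call should treat one as an error too and leave through the function's normal cleanup before touching p8pass. Whether pass is zero-initialised is not visible in the hunk.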
|
36
apps/req.c
36
apps/req.c
@@ -73,6 +73,7 @@
|
|||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/pem.h>
|
#include <openssl/pem.h>
|
||||||
|
#include "../crypto/cryptlib.h"
|
||||||
|
|
||||||
#define SECTION "req"
|
#define SECTION "req"
|
||||||
|
|
||||||
@@ -176,7 +177,7 @@ int MAIN(int argc, char **argv)
|
|||||||
const EVP_MD *md_alg=NULL,*digest=EVP_md5();
|
const EVP_MD *md_alg=NULL,*digest=EVP_md5();
|
||||||
unsigned long chtype = MBSTRING_ASC;
|
unsigned long chtype = MBSTRING_ASC;
|
||||||
#ifndef MONOLITH
|
#ifndef MONOLITH
|
||||||
MS_STATIC char config_name[256];
|
char *to_free;
|
||||||
long errline;
|
long errline;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -470,14 +471,7 @@ bad:
|
|||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
p=getenv("SSLEAY_CONF");
|
p=getenv("SSLEAY_CONF");
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
{
|
p=to_free=make_config_name();
|
||||||
strcpy(config_name,X509_get_default_cert_area());
|
|
||||||
#ifndef OPENSSL_SYS_VMS
|
|
||||||
strcat(config_name,"/");
|
|
||||||
#endif
|
|
||||||
strcat(config_name,OPENSSL_CONF);
|
|
||||||
p=config_name;
|
|
||||||
}
|
|
||||||
default_config_file=p;
|
default_config_file=p;
|
||||||
config=NCONF_new(NULL);
|
config=NCONF_new(NULL);
|
||||||
i=NCONF_load(config, p, &errline);
|
i=NCONF_load(config, p, &errline);
|
||||||
@@ -1059,6 +1053,10 @@ loop:
|
|||||||
}
|
}
|
||||||
ex=0;
|
ex=0;
|
||||||
end:
|
end:
|
||||||
|
#ifndef MONOLITH
|
||||||
|
if(to_free)
|
||||||
|
OPENSSL_free(to_free);
|
||||||
|
#endif
|
||||||
if (ex)
|
if (ex)
|
||||||
{
|
{
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
@@ -1218,13 +1216,19 @@ start: for (;;)
|
|||||||
}
|
}
|
||||||
/* If OBJ not recognised ignore it */
|
/* If OBJ not recognised ignore it */
|
||||||
if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
|
if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
|
||||||
|
|
||||||
|
if(strlen(v->name) > sizeof buf-9)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Name '%s' too long\n",v->name);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
sprintf(buf,"%s_default",v->name);
|
sprintf(buf,"%s_default",v->name);
|
||||||
if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
|
if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
|
||||||
{
|
{
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
def="";
|
def="";
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(buf,"%s_value",v->name);
|
sprintf(buf,"%s_value",v->name);
|
||||||
if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
|
if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
|
||||||
{
|
{
|
||||||
@@ -1271,6 +1275,12 @@ start2: for (;;)
|
|||||||
if ((nid=OBJ_txt2nid(type)) == NID_undef)
|
if ((nid=OBJ_txt2nid(type)) == NID_undef)
|
||||||
goto start2;
|
goto start2;
|
||||||
|
|
||||||
|
if(strlen(v->name) > sizeof buf-9)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"Name '%s' too long\n",v->name);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
sprintf(buf,"%s_default",type);
|
sprintf(buf,"%s_default",type);
|
||||||
if ((def=NCONF_get_string(req_conf,attr_sect,buf))
|
if ((def=NCONF_get_string(req_conf,attr_sect,buf))
|
||||||
== NULL)
|
== NULL)
|
||||||
@@ -1374,6 +1384,7 @@ start:
|
|||||||
(void)BIO_flush(bio_err);
|
(void)BIO_flush(bio_err);
|
||||||
if(value != NULL)
|
if(value != NULL)
|
||||||
{
|
{
|
||||||
|
OPENSSL_assert(strlen(value) < sizeof buf-2);
|
||||||
strcpy(buf,value);
|
strcpy(buf,value);
|
||||||
strcat(buf,"\n");
|
strcat(buf,"\n");
|
||||||
BIO_printf(bio_err,"%s\n",value);
|
BIO_printf(bio_err,"%s\n",value);
|
||||||
@@ -1383,7 +1394,7 @@ start:
|
|||||||
buf[0]='\0';
|
buf[0]='\0';
|
||||||
if (!batch)
|
if (!batch)
|
||||||
{
|
{
|
||||||
fgets(buf,1024,stdin);
|
fgets(buf,sizeof buf,stdin);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -1432,6 +1443,7 @@ start:
|
|||||||
(void)BIO_flush(bio_err);
|
(void)BIO_flush(bio_err);
|
||||||
if (value != NULL)
|
if (value != NULL)
|
||||||
{
|
{
|
||||||
|
OPENSSL_assert(strlen(value) < sizeof buf-2);
|
||||||
strcpy(buf,value);
|
strcpy(buf,value);
|
||||||
strcat(buf,"\n");
|
strcat(buf,"\n");
|
||||||
BIO_printf(bio_err,"%s\n",value);
|
BIO_printf(bio_err,"%s\n",value);
|
||||||
@@ -1441,7 +1453,7 @@ start:
|
|||||||
buf[0]='\0';
|
buf[0]='\0';
|
||||||
if (!batch)
|
if (!batch)
|
||||||
{
|
{
|
||||||
fgets(buf,1024,stdin);
|
fgets(buf,sizeof buf,stdin);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
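Review bot: `char *to_free;` is declared without an initialiser, yet it is only assigned when both environment lookups fail (`p=to_free=make_config_name();`), and the `end:` block added in the -1059 hunk tests and frees it unconditionally under `#ifndef MONOLITH`. When OPENSSL_CONF or SSLEAY_CONF is set, or if any `goto end` runs before that assignment, an indeterminate pointer reaches `OPENSSL_free()`. Declare it as `char *to_free=NULL;`, as openssl.c does in this same commit. Separately, the two `OPENSSL_assert(strlen(value) < sizeof buf-2);` lines abort the program on an over-long value taken from the configuration file; a `BIO_printf` plus error return, as used for the name-length check, would report the problem without aborting.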
|
@@ -134,7 +134,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
|
|||||||
err= X509_STORE_CTX_get_error(ctx);
|
err= X509_STORE_CTX_get_error(ctx);
|
||||||
depth= X509_STORE_CTX_get_error_depth(ctx);
|
depth= X509_STORE_CTX_get_error_depth(ctx);
|
||||||
|
|
||||||
X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
|
X509_NAME_oneline(X509_get_subject_name(err_cert),buf,sizeof buf);
|
||||||
BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
|
BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
|
||||||
if (!ok)
|
if (!ok)
|
||||||
{
|
{
|
||||||
@@ -154,7 +154,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
|
|||||||
switch (ctx->error)
|
switch (ctx->error)
|
||||||
{
|
{
|
||||||
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
||||||
X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
|
X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,sizeof buf);
|
||||||
BIO_printf(bio_err,"issuer= %s\n",buf);
|
BIO_printf(bio_err,"issuer= %s\n",buf);
|
||||||
break;
|
break;
|
||||||
case X509_V_ERR_CERT_NOT_YET_VALID:
|
case X509_V_ERR_CERT_NOT_YET_VALID:
|
||||||
|
@@ -930,10 +930,10 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
|||||||
for (i=0; i<sk_X509_num(sk); i++)
|
for (i=0; i<sk_X509_num(sk); i++)
|
||||||
{
|
{
|
||||||
X509_NAME_oneline(X509_get_subject_name(
|
X509_NAME_oneline(X509_get_subject_name(
|
||||||
sk_X509_value(sk,i)),buf,BUFSIZ);
|
sk_X509_value(sk,i)),buf,sizeof buf);
|
||||||
BIO_printf(bio,"%2d s:%s\n",i,buf);
|
BIO_printf(bio,"%2d s:%s\n",i,buf);
|
||||||
X509_NAME_oneline(X509_get_issuer_name(
|
X509_NAME_oneline(X509_get_issuer_name(
|
||||||
sk_X509_value(sk,i)),buf,BUFSIZ);
|
sk_X509_value(sk,i)),buf,sizeof buf);
|
||||||
BIO_printf(bio," i:%s\n",buf);
|
BIO_printf(bio," i:%s\n",buf);
|
||||||
if (c_showcerts)
|
if (c_showcerts)
|
||||||
PEM_write_bio_X509(bio,sk_X509_value(sk,i));
|
PEM_write_bio_X509(bio,sk_X509_value(sk,i));
|
||||||
@@ -948,10 +948,10 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
|||||||
if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
|
if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
|
||||||
PEM_write_bio_X509(bio,peer);
|
PEM_write_bio_X509(bio,peer);
|
||||||
X509_NAME_oneline(X509_get_subject_name(peer),
|
X509_NAME_oneline(X509_get_subject_name(peer),
|
||||||
buf,BUFSIZ);
|
buf,sizeof buf);
|
||||||
BIO_printf(bio,"subject=%s\n",buf);
|
BIO_printf(bio,"subject=%s\n",buf);
|
||||||
X509_NAME_oneline(X509_get_issuer_name(peer),
|
X509_NAME_oneline(X509_get_issuer_name(peer),
|
||||||
buf,BUFSIZ);
|
buf,sizeof buf);
|
||||||
BIO_printf(bio,"issuer=%s\n",buf);
|
BIO_printf(bio,"issuer=%s\n",buf);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@@ -973,7 +973,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
|||||||
{
|
{
|
||||||
BIO_printf(bio,"---\nNo client certificate CA names sent\n");
|
BIO_printf(bio,"---\nNo client certificate CA names sent\n");
|
||||||
}
|
}
|
||||||
p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
|
p=SSL_get_shared_ciphers(s,buf,sizeof buf);
|
||||||
if (p != NULL)
|
if (p != NULL)
|
||||||
{
|
{
|
||||||
/* This works only for SSL 2. In later protocol
|
/* This works only for SSL 2. In later protocol
|
||||||
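Review bot: `sizeof buf` in these calls is the buffer size only if `buf` is declared as an array inside `print_stuff`; the declaration is outside the hunks, so this should be confirmed. With a `char *` the expression silently becomes the pointer size and every subject, issuer and cipher list would be cut to a few bytes. The same check applies to the `sizeof buf` and `sizeof buf2` replacements in the `init_ssl_connection`, `cb` and `load_serial` hunks. A comment at each declaration such as `/* must remain an array: callers pass sizeof buf */` would protect the idiom against a later switch to heap allocation.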
|
@@ -1228,14 +1228,14 @@ static int init_ssl_connection(SSL *con)
|
|||||||
{
|
{
|
||||||
BIO_printf(bio_s_out,"Client certificate\n");
|
BIO_printf(bio_s_out,"Client certificate\n");
|
||||||
PEM_write_bio_X509(bio_s_out,peer);
|
PEM_write_bio_X509(bio_s_out,peer);
|
||||||
X509_NAME_oneline(X509_get_subject_name(peer),buf,BUFSIZ);
|
X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf);
|
||||||
BIO_printf(bio_s_out,"subject=%s\n",buf);
|
BIO_printf(bio_s_out,"subject=%s\n",buf);
|
||||||
X509_NAME_oneline(X509_get_issuer_name(peer),buf,BUFSIZ);
|
X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf);
|
||||||
BIO_printf(bio_s_out,"issuer=%s\n",buf);
|
BIO_printf(bio_s_out,"issuer=%s\n",buf);
|
||||||
X509_free(peer);
|
X509_free(peer);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (SSL_get_shared_ciphers(con,buf,BUFSIZ) != NULL)
|
if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL)
|
||||||
BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
|
BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
|
||||||
str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
|
str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
|
||||||
BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
|
BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
|
||||||
|
@@ -529,9 +529,12 @@ static struct hostent *GetHostByName(char *name)
|
|||||||
ret=gethostbyname(name);
|
ret=gethostbyname(name);
|
||||||
if (ret == NULL) return(NULL);
|
if (ret == NULL) return(NULL);
|
||||||
/* else add to cache */
|
/* else add to cache */
|
||||||
strncpy(ghbn_cache[lowi].name,name,128);
|
if(strlen(name) < sizeof ghbn_cache[0].name)
|
||||||
memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
|
{
|
||||||
ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
|
strcpy(ghbn_cache[lowi].name,name);
|
||||||
|
memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
|
||||||
|
ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
|
||||||
|
}
|
||||||
return(ret);
|
return(ret);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
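Review bot: The cache entry is still filled with `memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent))`, a shallow copy of the structure returned by `gethostbyname()`. The cached entry therefore keeps pointers into storage owned by the resolver, and a later lookup of a different name may change what an earlier cache hit resolves to. The new length check keeps truncated names out of the cache but does not address this aliasing; a deep copy of the name and address list, or not caching at all, would. If the shallow copy stays, the `memcpy` line should carry a comment saying the entry is valid only until the next `gethostbyname()` call. The function starts and ends outside the hunk.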
|
@@ -146,6 +146,8 @@
|
|||||||
#undef BUFSIZZ
|
#undef BUFSIZZ
|
||||||
#define BUFSIZZ 1024*10
|
#define BUFSIZZ 1024*10
|
||||||
|
|
||||||
|
#define MYBUFSIZ 1024*8
|
||||||
|
|
||||||
#undef min
|
#undef min
|
||||||
#undef max
|
#undef max
|
||||||
#define min(a,b) (((a) < (b)) ? (a) : (b))
|
#define min(a,b) (((a) < (b)) ? (a) : (b))
|
||||||
@@ -320,6 +322,11 @@ static int parseArgs(int argc, char **argv)
|
|||||||
{
|
{
|
||||||
if (--argc < 1) goto bad;
|
if (--argc < 1) goto bad;
|
||||||
s_www_path= *(++argv);
|
s_www_path= *(++argv);
|
||||||
|
if(strlen(s_www_path) > MYBUFSIZ-100)
|
||||||
|
{
|
||||||
|
BIO_printf(bio_err,"-www option too long\n");
|
||||||
|
badop=1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else if(strcmp(*argv,"-bugs") == 0)
|
else if(strcmp(*argv,"-bugs") == 0)
|
||||||
st_bugs=1;
|
st_bugs=1;
|
||||||
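Review bot: `MYBUFSIZ` is defined as `1024*8` without parentheses, so the new bound `MYBUFSIZ-100` is correct only because of how `*` and `-` bind; a later `x/MYBUFSIZ` or `x%MYBUFSIZ` would expand wrongly. I would write `#define MYBUFSIZ (1024*8)`. The `100` bytes of headroom in the `-www` length check are unexplained, and the code that builds the request from `s_www_path` is outside these hunks. A comment naming what is added around the path in the `MYBUFSIZ` buffer would let a reader verify the bound.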
|
@@ -1781,7 +1781,7 @@ static char *sstrsep(char **string, const char *delim)
|
|||||||
if (**string == 0)
|
if (**string == 0)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
memset(isdelim, 0, 256);
|
memset(isdelim, 0, sizeof isdelim);
|
||||||
isdelim[0] = 1;
|
isdelim[0] = 1;
|
||||||
|
|
||||||
while (*delim)
|
while (*delim)
|
||||||
|
@@ -330,7 +330,8 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
|
|||||||
if (!ok)
|
if (!ok)
|
||||||
{
|
{
|
||||||
X509_NAME_oneline(
|
X509_NAME_oneline(
|
||||||
X509_get_subject_name(ctx->current_cert),buf,256);
|
X509_get_subject_name(ctx->current_cert),buf,
|
||||||
|
sizeof buf);
|
||||||
printf("%s\n",buf);
|
printf("%s\n",buf);
|
||||||
printf("error %d at %d depth lookup:%s\n",ctx->error,
|
printf("error %d at %d depth lookup:%s\n",ctx->error,
|
||||||
ctx->error_depth,
|
ctx->error_depth,
|
||||||
|
@@ -118,7 +118,6 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
|
|||||||
HDC hdc;
|
HDC hdc;
|
||||||
PAINTSTRUCT ps;
|
PAINTSTRUCT ps;
|
||||||
RECT rect;
|
RECT rect;
|
||||||
char buffer[200];
|
|
||||||
static int seeded = 0;
|
static int seeded = 0;
|
||||||
|
|
||||||
switch (iMsg)
|
switch (iMsg)
|
||||||
|
@@ -770,10 +770,11 @@ bad:
|
|||||||
int y,z;
|
int y,z;
|
||||||
|
|
||||||
X509_NAME_oneline(X509_get_subject_name(x),
|
X509_NAME_oneline(X509_get_subject_name(x),
|
||||||
buf,256);
|
buf,sizeof buf);
|
||||||
BIO_printf(STDout,"/* subject:%s */\n",buf);
|
BIO_printf(STDout,"/* subject:%s */\n",buf);
|
||||||
m=X509_NAME_oneline(
|
m=X509_NAME_oneline(
|
||||||
X509_get_issuer_name(x),buf,256);
|
X509_get_issuer_name(x),buf,
|
||||||
|
sizeof buf);
|
||||||
BIO_printf(STDout,"/* issuer :%s */\n",buf);
|
BIO_printf(STDout,"/* issuer :%s */\n",buf);
|
||||||
|
|
||||||
z=i2d_X509(x,NULL);
|
z=i2d_X509(x,NULL);
|
||||||
@@ -1074,7 +1075,7 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (!a2i_ASN1_INTEGER(io,bs,buf2,1024))
|
if (!a2i_ASN1_INTEGER(io,bs,buf2,sizeof buf2))
|
||||||
{
|
{
|
||||||
BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
|
BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
|
@@ -59,20 +59,20 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
|
|
||||||
int n;
|
int n;
|
||||||
unsigned long len = length;
|
unsigned long len = length;
|
||||||
unsigned char tmp[16];
|
unsigned char tmp[AES_BLOCK_SIZE];
|
||||||
|
|
||||||
assert(in && out && key && ivec);
|
assert(in && out && key && ivec);
|
||||||
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
|
assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
|
||||||
|
|
||||||
if (AES_ENCRYPT == enc) {
|
if (AES_ENCRYPT == enc) {
|
||||||
while (len >= AES_BLOCK_SIZE) {
|
while (len >= AES_BLOCK_SIZE) {
|
||||||
for(n=0; n < 16; ++n)
|
for(n=0; n < sizeof tmp; ++n)
|
||||||
tmp[n] = in[n] ^ ivec[n];
|
tmp[n] = in[n] ^ ivec[n];
|
||||||
AES_encrypt(tmp, out, key);
|
AES_encrypt(tmp, out, key);
|
||||||
memcpy(ivec, out, 16);
|
memcpy(ivec, out, AES_BLOCK_SIZE);
|
||||||
len -= 16;
|
len -= AES_BLOCK_SIZE;
|
||||||
in += 16;
|
in += AES_BLOCK_SIZE;
|
||||||
out += 16;
|
out += AES_BLOCK_SIZE;
|
||||||
}
|
}
|
||||||
if (len) {
|
if (len) {
|
||||||
for(n=0; n < len; ++n)
|
for(n=0; n < len; ++n)
|
||||||
@@ -81,25 +81,25 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
tmp[n] = ivec[n];
|
tmp[n] = ivec[n];
|
||||||
AES_encrypt(tmp, tmp, key);
|
AES_encrypt(tmp, tmp, key);
|
||||||
memcpy(out, tmp, len);
|
memcpy(out, tmp, len);
|
||||||
memcpy(ivec, tmp, 16);
|
memcpy(ivec, tmp, sizeof tmp);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
while (len >= AES_BLOCK_SIZE) {
|
while (len >= AES_BLOCK_SIZE) {
|
||||||
memcpy(tmp, in, 16);
|
memcpy(tmp, in, sizeof tmp);
|
||||||
AES_decrypt(in, out, key);
|
AES_decrypt(in, out, key);
|
||||||
for(n=0; n < 16; ++n)
|
for(n=0; n < AES_BLOCK_SIZE; ++n)
|
||||||
out[n] ^= ivec[n];
|
out[n] ^= ivec[n];
|
||||||
memcpy(ivec, tmp, 16);
|
memcpy(ivec, tmp, AES_BLOCK_SIZE);
|
||||||
len -= 16;
|
len -= AES_BLOCK_SIZE;
|
||||||
in += 16;
|
in += AES_BLOCK_SIZE;
|
||||||
out += 16;
|
out += AES_BLOCK_SIZE;
|
||||||
}
|
}
|
||||||
if (len) {
|
if (len) {
|
||||||
memcpy(tmp, in, 16);
|
memcpy(tmp, in, sizeof tmp);
|
||||||
AES_decrypt(tmp, tmp, key);
|
AES_decrypt(tmp, tmp, key);
|
||||||
for(n=0; n < len; ++n)
|
for(n=0; n < len; ++n)
|
||||||
out[n] ^= ivec[n];
|
out[n] ^= ivec[n];
|
||||||
memcpy(ivec, tmp, 16);
|
memcpy(ivec, tmp, sizeof tmp);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
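Review bot: In the decrypt tail (the `if (len)` block after the second loop), `memcpy(tmp, in, sizeof tmp)` still reads a full block from `in` although fewer than `AES_BLOCK_SIZE` bytes remain. The decrypted block in `tmp` also never reaches `out`, because the loop does `out[n] ^= ivec[n]` on whatever `out` already holds. Replacing the literal `16` leaves both problems in place. I would expect `out[n] = tmp[n] ^ ivec[n];` in that loop, and lengths that are not a multiple of the block size rejected unless callers guarantee a readable full block. Separately, `n < sizeof tmp` now compares the signed `int n` with a `size_t`; `AES_BLOCK_SIZE` would keep the comparison consistent with the other loop.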
|
@@ -286,13 +286,14 @@ a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
|||||||
a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
a_sign.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||||
a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||||
a_sign.o: ../cryptlib.h a_sign.c
|
a_sign.o: ../cryptlib.h a_sign.c
|
||||||
a_strex.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
|
a_strex.o: ../../e_os.h ../../include/openssl/aes.h
|
||||||
a_strex.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
|
a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||||
a_strex.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
|
a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
|
||||||
a_strex.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
|
a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
|
||||||
a_strex.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
|
a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
||||||
a_strex.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
|
a_strex.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
|
||||||
a_strex.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
|
a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
||||||
|
a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||||
a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
a_strex.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||||
a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
a_strex.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||||
a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
a_strex.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||||
@@ -305,7 +306,7 @@ a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
|||||||
a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
||||||
a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
|
a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
|
||||||
a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
|
a_strex.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
|
||||||
a_strex.o: ../../include/openssl/x509_vfy.h a_strex.c charmap.h
|
a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
|
||||||
a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
|
a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
|
||||||
a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
|
a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
|
||||||
a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||||
|
@@ -191,7 +191,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
|
|||||||
if (a->data == NULL)
|
if (a->data == NULL)
|
||||||
c=(unsigned char *)OPENSSL_malloc(w+1);
|
c=(unsigned char *)OPENSSL_malloc(w+1);
|
||||||
else
|
else
|
||||||
c=(unsigned char *)OPENSSL_realloc(a->data,w+1);
|
c=(unsigned char *)OPENSSL_realloc_clean(a->data,
|
||||||
|
a->length,
|
||||||
|
w+1);
|
||||||
if (c == NULL) return(0);
|
if (c == NULL) return(0);
|
||||||
if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
|
if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
|
||||||
a->data=c;
|
a->data=c;
|
||||||
|
@@ -285,7 +285,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!BUF_MEM_grow(&b,num+os->length))
|
if (!BUF_MEM_grow_clean(&b,num+os->length))
|
||||||
{
|
{
|
||||||
c->error=ERR_R_BUF_LIB;
|
c->error=ERR_R_BUF_LIB;
|
||||||
goto err;
|
goto err;
|
||||||
|
@@ -166,7 +166,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
|
|||||||
{
|
{
|
||||||
want-=(len-off);
|
want-=(len-off);
|
||||||
|
|
||||||
if (!BUF_MEM_grow(b,len+want))
|
if (!BUF_MEM_grow_clean(b,len+want))
|
||||||
{
|
{
|
||||||
ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
@@ -221,7 +221,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
|
|||||||
if (want > (len-off))
|
if (want > (len-off))
|
||||||
{
|
{
|
||||||
want-=(len-off);
|
want-=(len-off);
|
||||||
if (!BUF_MEM_grow(b,len+want))
|
if (!BUF_MEM_grow_clean(b,len+want))
|
||||||
{
|
{
|
||||||
ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
|
@@ -183,8 +183,8 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
|
|||||||
|
|
||||||
if ((a == NULL) || (a->data == NULL))
|
if ((a == NULL) || (a->data == NULL))
|
||||||
return(BIO_write(bp,"NULL",4));
|
return(BIO_write(bp,"NULL",4));
|
||||||
i=i2t_ASN1_OBJECT(buf,80,a);
|
i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
|
||||||
if (i > 80) i=80;
|
if (i > sizeof buf) i=sizeof buf;
|
||||||
BIO_write(bp,buf,i);
|
BIO_write(bp,buf,i);
|
||||||
return(i);
|
return(i);
|
||||||
}
|
}
|
||||||
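Review bot: `if (i > sizeof buf)` compares `i`, presumably an `int` given that it is returned from this `int` function, with a `size_t`. A negative result from `i2t_ASN1_OBJECT()` would be converted to a large unsigned value and clamped to `sizeof buf`, so `BIO_write()` would emit the whole buffer, possibly uninitialised, where the old `i > 80` test left a negative length alone. Comparing as `int` keeps the previous behaviour: `if (i > (int)sizeof buf) i = (int)sizeof buf;`. If `i2t_ASN1_OBJECT()` NUL-terminates on truncation (not visible here), the clamp should be `sizeof buf - 1` so the terminator is not written to the BIO.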
|
@@ -63,6 +63,7 @@
|
|||||||
#include <openssl/asn1.h>
|
#include <openssl/asn1.h>
|
||||||
|
|
||||||
#include "charmap.h"
|
#include "charmap.h"
|
||||||
|
#include "cryptlib.h"
|
||||||
|
|
||||||
/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
|
/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
|
||||||
* Enhanced string and name printing routines handling
|
* Enhanced string and name printing routines handling
|
||||||
@@ -114,14 +115,17 @@ typedef int char_io(void *arg, const void *buf, int len);
|
|||||||
static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg)
|
static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg)
|
||||||
{
|
{
|
||||||
unsigned char chflgs, chtmp;
|
unsigned char chflgs, chtmp;
|
||||||
char tmphex[11];
|
char tmphex[HEX_SIZE(long)+3];
|
||||||
|
|
||||||
|
if(c > 0xffffffffL)
|
||||||
|
return -1;
|
||||||
if(c > 0xffff) {
|
if(c > 0xffff) {
|
||||||
BIO_snprintf(tmphex, 11, "\\W%08lX", c);
|
BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
|
||||||
if(!io_ch(arg, tmphex, 10)) return -1;
|
if(!io_ch(arg, tmphex, 10)) return -1;
|
||||||
return 10;
|
return 10;
|
||||||
}
|
}
|
||||||
if(c > 0xff) {
|
if(c > 0xff) {
|
||||||
BIO_snprintf(tmphex, 11, "\\U%04lX", c);
|
BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
|
||||||
if(!io_ch(arg, tmphex, 6)) return -1;
|
if(!io_ch(arg, tmphex, 6)) return -1;
|
||||||
return 6;
|
return 6;
|
||||||
}
|
}
|
||||||
@@ -195,7 +199,7 @@ static int do_buf(unsigned char *buf, int buflen,
|
|||||||
if(type & BUF_TYPE_CONVUTF8) {
|
if(type & BUF_TYPE_CONVUTF8) {
|
||||||
unsigned char utfbuf[6];
|
unsigned char utfbuf[6];
|
||||||
int utflen;
|
int utflen;
|
||||||
utflen = UTF8_putc(utfbuf, 6, c);
|
utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
|
||||||
for(i = 0; i < utflen; i++) {
|
for(i = 0; i < utflen; i++) {
|
||||||
/* We don't need to worry about setting orflags correctly
|
/* We don't need to worry about setting orflags correctly
|
||||||
* because if utflen==1 its value will be correct anyway
|
* because if utflen==1 its value will be correct anyway
|
||||||
@@ -461,7 +465,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
|
|||||||
if(fn_opt != XN_FLAG_FN_NONE) {
|
if(fn_opt != XN_FLAG_FN_NONE) {
|
||||||
int objlen, fld_len;
|
int objlen, fld_len;
|
||||||
if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
|
if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
|
||||||
OBJ_obj2txt(objtmp, 80, fn, 1);
|
OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
|
||||||
fld_len = 0; /* XXX: what should this be? */
|
fld_len = 0; /* XXX: what should this be? */
|
||||||
objbuf = objtmp;
|
objbuf = objtmp;
|
||||||
} else {
|
} else {
|
||||||
|
@@ -152,7 +152,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
|
|||||||
if (t->data[0] >= '5') strcpy(str, "19");
|
if (t->data[0] >= '5') strcpy(str, "19");
|
||||||
else strcpy(str, "20");
|
else strcpy(str, "20");
|
||||||
|
|
||||||
strcat(str, (char *)t->data);
|
BUF_strlcat(str, (char *)t->data, t->length+2);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
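Review bot: The size passed to `BUF_strlcat()` looks one byte short. If the function follows strlcat semantics, the third argument is the total destination size including the terminator; `str` already holds the two-character century, so `t->length+2` leaves room for only `t->length-1` characters of `t->data` and the last character of the time string would be dropped. The allocation of `str` is outside the hunk; if it provides `t->length+2` characters plus a terminator, the call should be `BUF_strlcat(str, (char *)t->data, t->length+3);`, ideally with one named length shared with the allocation. The two `strcpy(str, ...)` lines above could use `BUF_strlcpy()` with the same size.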
|
@@ -79,12 +79,7 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
|
|||||||
else
|
else
|
||||||
p="prim: ";
|
p="prim: ";
|
||||||
if (BIO_write(bp,p,6) < 6) goto err;
|
if (BIO_write(bp,p,6) < 6) goto err;
|
||||||
if (indent)
|
BIO_indent(bp,indent,128);
|
||||||
{
|
|
||||||
if (indent > 128) indent=128;
|
|
||||||
memset(str,' ',indent);
|
|
||||||
if (BIO_write(bp,str,indent) < indent) goto err;
|
|
||||||
}
|
|
||||||
|
|
||||||
p=str;
|
p=str;
|
||||||
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
|
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
|
||||||
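Review bot: The result of `BIO_indent(bp,indent,128)` is ignored here, although the code it replaces jumped to `err` on a short write. The `RSA_print`, `DSA_print` and `print` hunks of this commit do check the same call. `if (!BIO_indent(bp,indent,128)) goto err;` keeps the error path intact. The function continues outside the hunk.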
|
@@ -169,8 +169,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
|
|||||||
sp=(unsigned char *)OPENSSL_malloc(
|
sp=(unsigned char *)OPENSSL_malloc(
|
||||||
(unsigned int)num+i*2);
|
(unsigned int)num+i*2);
|
||||||
else
|
else
|
||||||
sp=(unsigned char *)OPENSSL_realloc(s,
|
sp=OPENSSL_realloc_clean(s,slen,num+i*2);
|
||||||
(unsigned int)num+i*2);
|
|
||||||
if (sp == NULL)
|
if (sp == NULL)
|
||||||
{
|
{
|
||||||
ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
|
||||||
|
@@ -84,11 +84,11 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
|
|||||||
|
|
||||||
int X509_CRL_print(BIO *out, X509_CRL *x)
|
int X509_CRL_print(BIO *out, X509_CRL *x)
|
||||||
{
|
{
|
||||||
char buf[256];
|
|
||||||
STACK_OF(X509_REVOKED) *rev;
|
STACK_OF(X509_REVOKED) *rev;
|
||||||
X509_REVOKED *r;
|
X509_REVOKED *r;
|
||||||
long l;
|
long l;
|
||||||
int i, n;
|
int i, n;
|
||||||
|
char *p;
|
||||||
|
|
||||||
BIO_printf(out, "Certificate Revocation List (CRL):\n");
|
BIO_printf(out, "Certificate Revocation List (CRL):\n");
|
||||||
l = X509_CRL_get_version(x);
|
l = X509_CRL_get_version(x);
|
||||||
@@ -96,8 +96,9 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
|
|||||||
i = OBJ_obj2nid(x->sig_alg->algorithm);
|
i = OBJ_obj2nid(x->sig_alg->algorithm);
|
||||||
BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
|
BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
|
||||||
(i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
|
(i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
|
||||||
X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256);
|
p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0);
|
||||||
BIO_printf(out,"%8sIssuer: %s\n","",buf);
|
BIO_printf(out,"%8sIssuer: %s\n","",p);
|
||||||
|
OPENSSL_free(p);
|
||||||
BIO_printf(out,"%8sLast Update: ","");
|
BIO_printf(out,"%8sLast Update: ","");
|
||||||
ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x));
|
ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x));
|
||||||
BIO_printf(out,"\n%8sNext Update: ","");
|
BIO_printf(out,"\n%8sNext Update: ","");
|
||||||
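Review bot: `p` is passed to `BIO_printf()` without a NULL check. With a NULL buffer, `X509_NAME_oneline()` allocates the result, so an allocation failure would hand NULL to the `%s` conversion. A guard before the print, for example `if (p == NULL) return 0;`, would avoid that; the function's failure return value is not visible in these hunks, so the exact value should match its convention. The `OPENSSL_free(p)` that follows is fine as written.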
|
@@ -130,14 +130,10 @@ int RSA_print(BIO *bp, const RSA *x, int off)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (off)
|
|
||||||
{
|
|
||||||
if (off > 128) off=128;
|
|
||||||
memset(str,' ',off);
|
|
||||||
}
|
|
||||||
if (x->d != NULL)
|
if (x->d != NULL)
|
||||||
{
|
{
|
||||||
if (off && (BIO_write(bp,str,off) <= 0)) goto err;
|
if(!BIO_indent(bp,off,128))
|
||||||
|
goto err;
|
||||||
if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
|
if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
|
||||||
<= 0) goto err;
|
<= 0) goto err;
|
||||||
}
|
}
|
||||||
@@ -183,7 +179,6 @@ int DSA_print_fp(FILE *fp, const DSA *x, int off)
|
|||||||
|
|
||||||
int DSA_print(BIO *bp, const DSA *x, int off)
|
int DSA_print(BIO *bp, const DSA *x, int off)
|
||||||
{
|
{
|
||||||
char str[128];
|
|
||||||
unsigned char *m=NULL;
|
unsigned char *m=NULL;
|
||||||
int ret=0;
|
int ret=0;
|
||||||
size_t buf_len=0,i;
|
size_t buf_len=0,i;
|
||||||
@@ -210,14 +205,10 @@ int DSA_print(BIO *bp, const DSA *x, int off)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (off)
|
|
||||||
{
|
|
||||||
if (off > 128) off=128;
|
|
||||||
memset(str,' ',off);
|
|
||||||
}
|
|
||||||
if (x->priv_key != NULL)
|
if (x->priv_key != NULL)
|
||||||
{
|
{
|
||||||
if (off && (BIO_write(bp,str,off) <= 0)) goto err;
|
if(!BIO_indent(bp,off,128))
|
||||||
|
goto err;
|
||||||
if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
|
if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
|
||||||
<= 0) goto err;
|
<= 0) goto err;
|
||||||
}
|
}
|
||||||
@@ -240,17 +231,12 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
|
|||||||
int off)
|
int off)
|
||||||
{
|
{
|
||||||
int n,i;
|
int n,i;
|
||||||
char str[128];
|
|
||||||
const char *neg;
|
const char *neg;
|
||||||
|
|
||||||
if (num == NULL) return(1);
|
if (num == NULL) return(1);
|
||||||
neg=(num->neg)?"-":"";
|
neg=(num->neg)?"-":"";
|
||||||
if (off)
|
if(!BIO_indent(bp,off,128))
|
||||||
{
|
return 0;
|
||||||
if (off > 128) off=128;
|
|
||||||
memset(str,' ',off);
|
|
||||||
if (BIO_write(bp,str,off) <= 0) return(0);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (BN_num_bytes(num) <= BN_BYTES)
|
if (BN_num_bytes(num) <= BN_BYTES)
|
||||||
{
|
{
|
||||||
@@ -274,9 +260,9 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
|
|||||||
{
|
{
|
||||||
if ((i%15) == 0)
|
if ((i%15) == 0)
|
||||||
{
|
{
|
||||||
str[0]='\n';
|
if(BIO_puts(bp,"\n") <= 0
|
||||||
memset(&(str[1]),' ',off+4);
|
|| !BIO_indent(bp,off+4,128))
|
||||||
if (BIO_write(bp,str,off+1+4) <= 0) return(0);
|
return 0;
|
||||||
}
|
}
|
||||||
if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
|
if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
|
||||||
<= 0) return(0);
|
<= 0) return(0);
|
||||||
|
@@ -91,7 +91,6 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
|
|||||||
EVP_PKEY *pkey;
|
EVP_PKEY *pkey;
|
||||||
STACK_OF(X509_ATTRIBUTE) *sk;
|
STACK_OF(X509_ATTRIBUTE) *sk;
|
||||||
STACK_OF(X509_EXTENSION) *exts;
|
STACK_OF(X509_EXTENSION) *exts;
|
||||||
char str[128];
|
|
||||||
char mlch = ' ';
|
char mlch = ' ';
|
||||||
int nmindent = 0;
|
int nmindent = 0;
|
||||||
|
|
||||||
@@ -116,8 +115,9 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
|
|||||||
l=0;
|
l=0;
|
||||||
for (i=0; i<ri->version->length; i++)
|
for (i=0; i<ri->version->length; i++)
|
||||||
{ l<<=8; l+=ri->version->data[i]; }
|
{ l<<=8; l+=ri->version->data[i]; }
|
||||||
sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
|
if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,
|
||||||
if (BIO_puts(bp,str) <= 0) goto err;
|
l) <= 0)
|
||||||
|
goto err;
|
||||||
}
|
}
|
||||||
if(!(cflag & X509_FLAG_NO_SUBJECT))
|
if(!(cflag & X509_FLAG_NO_SUBJECT))
|
||||||
{
|
{
|
||||||
@@ -168,14 +168,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
|
|||||||
if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
|
if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
|
||||||
{
|
{
|
||||||
/* may not be */
|
/* may not be */
|
||||||
sprintf(str,"%8sAttributes:\n","");
|
if(BIO_printf(bp,"%8sAttributes:\n","") <= 0)
|
||||||
if (BIO_puts(bp,str) <= 0) goto err;
|
goto err;
|
||||||
|
|
||||||
sk=x->req_info->attributes;
|
sk=x->req_info->attributes;
|
||||||
if (sk_X509_ATTRIBUTE_num(sk) == 0)
|
if (sk_X509_ATTRIBUTE_num(sk) == 0)
|
||||||
{
|
{
|
||||||
sprintf(str,"%12sa0:00\n","");
|
if(BIO_printf(bp,"%12sa0:00\n","") <= 0)
|
||||||
if (BIO_puts(bp,str) <= 0) goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -190,8 +190,8 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
|
|||||||
a=sk_X509_ATTRIBUTE_value(sk,i);
|
a=sk_X509_ATTRIBUTE_value(sk,i);
|
||||||
if(X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
|
if(X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
|
||||||
continue;
|
continue;
|
||||||
sprintf(str,"%12s","");
|
if(BIO_printf(bp,"%12s","") <= 0)
|
||||||
if (BIO_puts(bp,str) <= 0) goto err;
|
goto err;
|
||||||
if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
|
if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
|
||||||
{
|
{
|
||||||
if (a->single)
|
if (a->single)
|
||||||
|
@@ -433,15 +433,17 @@ err:
|
|||||||
|
|
||||||
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
||||||
{
|
{
|
||||||
char *s,*c;
|
char *s,*c,*b;
|
||||||
int ret=0,l,ll,i,first=1;
|
int ret=0,l,ll,i,first=1;
|
||||||
char buf[256];
|
|
||||||
|
|
||||||
ll=80-2-obase;
|
ll=80-2-obase;
|
||||||
|
|
||||||
s=X509_NAME_oneline(name,buf,256);
|
b=s=X509_NAME_oneline(name,NULL,0);
|
||||||
if (!*s)
|
if (!*s)
|
||||||
|
{
|
||||||
|
free(b);
|
||||||
return 1;
|
return 1;
|
||||||
|
}
|
||||||
s++; /* skip the first slash */
|
s++; /* skip the first slash */
|
||||||
|
|
||||||
l=ll;
|
l=ll;
|
||||||
@@ -497,6 +499,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
|||||||
err:
|
err:
|
||||||
X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
|
X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
|
||||||
}
|
}
|
||||||
|
free(b);
|
||||||
return(ret);
|
return(ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
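Review bot: The string returned by `X509_NAME_oneline(name,NULL,0)` is released with `free(b)` in both places, while the `X509_CRL_print` change in this same commit releases the same kind of allocation with `OPENSSL_free(p)`. If the library's allocator has been replaced, plain `free()` is the wrong deallocator, so both calls should be `OPENSSL_free(b);`. `s` is also dereferenced in `if (!*s)` with no NULL check, so an allocation failure that the old fixed buffer could not produce now crashes here. An `if (b == NULL)` guard that returns failure before the dereference would cover it.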
|
@@ -77,7 +77,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
|
|||||||
for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
|
for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
|
||||||
if(!first) BIO_puts(out, ", ");
|
if(!first) BIO_puts(out, ", ");
|
||||||
else first = 0;
|
else first = 0;
|
||||||
OBJ_obj2txt(oidstr, 80,
|
OBJ_obj2txt(oidstr, sizeof oidstr,
|
||||||
sk_ASN1_OBJECT_value(aux->trust, i), 0);
|
sk_ASN1_OBJECT_value(aux->trust, i), 0);
|
||||||
BIO_puts(out, oidstr);
|
BIO_puts(out, oidstr);
|
||||||
}
|
}
|
||||||
@@ -90,7 +90,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
|
|||||||
for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
|
for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
|
||||||
if(!first) BIO_puts(out, ", ");
|
if(!first) BIO_puts(out, ", ");
|
||||||
else first = 0;
|
else first = 0;
|
||||||
OBJ_obj2txt(oidstr, 80,
|
OBJ_obj2txt(oidstr, sizeof oidstr,
|
||||||
sk_ASN1_OBJECT_value(aux->reject, i), 0);
|
sk_ASN1_OBJECT_value(aux->reject, i), 0);
|
||||||
BIO_puts(out, oidstr);
|
BIO_puts(out, oidstr);
|
||||||
}
|
}
|
||||||
|
@@ -664,7 +664,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl
|
|||||||
if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err;
|
if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err;
|
||||||
len = buf.length;
|
len = buf.length;
|
||||||
/* Append a final null to string */
|
/* Append a final null to string */
|
||||||
if(!BUF_MEM_grow(&buf, len + 1)) {
|
if(!BUF_MEM_grow_clean(&buf, len + 1)) {
|
||||||
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -857,7 +857,7 @@ static int collect_data(BUF_MEM *buf, unsigned char **p, long plen)
|
|||||||
int len;
|
int len;
|
||||||
if(buf) {
|
if(buf) {
|
||||||
len = buf->length;
|
len = buf->length;
|
||||||
if(!BUF_MEM_grow(buf, len + plen)) {
|
if(!BUF_MEM_grow_clean(buf, len + plen)) {
|
||||||
ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
|
ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@@ -186,7 +186,7 @@ if(*bool == -1) printf("BOOL MISSING\n");
|
|||||||
char objbuf[80], *ln;
|
char objbuf[80], *ln;
|
||||||
ln = OBJ_nid2ln(OBJ_obj2nid(fld));
|
ln = OBJ_nid2ln(OBJ_obj2nid(fld));
|
||||||
if(!ln) ln = "";
|
if(!ln) ln = "";
|
||||||
OBJ_obj2txt(objbuf, 80, fld, 1);
|
OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1);
|
||||||
BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf);
|
BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf);
|
||||||
} else {
|
} else {
|
||||||
BIO_printf(out, "%*s%s:", indent, "", name);
|
BIO_printf(out, "%*s%s:", indent, "", name);
|
||||||
|
@@ -454,9 +454,9 @@ static int test(void)
|
|||||||
len=strlen(cbc_data)+1;
|
len=strlen(cbc_data)+1;
|
||||||
|
|
||||||
BF_set_key(&key,16,cbc_key);
|
BF_set_key(&key,16,cbc_key);
|
||||||
memset(cbc_in,0,40);
|
memset(cbc_in,0,sizeof cbc_in);
|
||||||
memset(cbc_out,0,40);
|
memset(cbc_out,0,sizeof cbc_out);
|
||||||
memcpy(iv,cbc_iv,8);
|
memcpy(iv,cbc_iv,sizeof iv);
|
||||||
BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
|
BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
|
||||||
&key,iv,BF_ENCRYPT);
|
&key,iv,BF_ENCRYPT);
|
||||||
if (memcmp(cbc_out,cbc_ok,32) != 0)
|
if (memcmp(cbc_out,cbc_ok,32) != 0)
|
||||||
|
@@ -483,7 +483,7 @@ fmtint(
|
|||||||
{
|
{
|
||||||
int signvalue = 0;
|
int signvalue = 0;
|
||||||
unsigned LLONG uvalue;
|
unsigned LLONG uvalue;
|
||||||
char convert[20];
|
char convert[DECIMAL_SIZE(value)+1];
|
||||||
int place = 0;
|
int place = 0;
|
||||||
int spadlen = 0;
|
int spadlen = 0;
|
||||||
int zpadlen = 0;
|
int zpadlen = 0;
|
||||||
@@ -508,8 +508,8 @@ fmtint(
|
|||||||
(caps ? "0123456789ABCDEF" : "0123456789abcdef")
|
(caps ? "0123456789ABCDEF" : "0123456789abcdef")
|
||||||
[uvalue % (unsigned) base];
|
[uvalue % (unsigned) base];
|
||||||
uvalue = (uvalue / (unsigned) base);
|
uvalue = (uvalue / (unsigned) base);
|
||||||
} while (uvalue && (place < 20));
|
} while (uvalue && (place < sizeof convert));
|
||||||
if (place == 20)
|
if (place == sizeof convert)
|
||||||
place--;
|
place--;
|
||||||
convert[place] = 0;
|
convert[place] = 0;
|
||||||
|
|
||||||
@@ -641,8 +641,8 @@ fmtfp(
|
|||||||
(caps ? "0123456789ABCDEF"
|
(caps ? "0123456789ABCDEF"
|
||||||
: "0123456789abcdef")[intpart % 10];
|
: "0123456789abcdef")[intpart % 10];
|
||||||
intpart = (intpart / 10);
|
intpart = (intpart / 10);
|
||||||
} while (intpart && (iplace < 20));
|
} while (intpart && (iplace < sizeof iplace));
|
||||||
if (iplace == 20)
|
if (iplace == sizeof iplace)
|
||||||
iplace--;
|
iplace--;
|
||||||
iconvert[iplace] = 0;
|
iconvert[iplace] = 0;
|
||||||
|
|
||||||
@@ -653,7 +653,7 @@ fmtfp(
|
|||||||
: "0123456789abcdef")[fracpart % 10];
|
: "0123456789abcdef")[fracpart % 10];
|
||||||
fracpart = (fracpart / 10);
|
fracpart = (fracpart / 10);
|
||||||
} while (fplace < max);
|
} while (fplace < max);
|
||||||
if (fplace == 20)
|
if (fplace == sizeof fplace)
|
||||||
fplace--;
|
fplace--;
|
||||||
fconvert[fplace] = 0;
|
fconvert[fplace] = 0;
|
||||||
|
|
||||||
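Review bot: In `fmtfp` the new bounds use `sizeof iplace` and `sizeof fplace`, which are the sizes of the index variables rather than of the `iconvert` and `fconvert` buffers they index. Assuming these are `int`, the integer-part loop stops after about four digits and larger values are silently truncated, and the `fplace == sizeof fplace` test no longer guards the end of `fconvert`. The lines should read `while (intpart && (iplace < sizeof iconvert));`, `if (iplace == sizeof iconvert)` and `if (fplace == sizeof fconvert)`. The `do ... while (fplace < max)` loop is bounded only by `max`, so `max` must be capped below `sizeof fconvert` in code outside this hunk. In `fmtint`, `place < sizeof convert` compares a signed index with `size_t`.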
|
@@ -83,6 +83,7 @@
|
|||||||
static int wsa_init_done=0;
|
static int wsa_init_done=0;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if 0
|
||||||
static unsigned long BIO_ghbn_hits=0L;
|
static unsigned long BIO_ghbn_hits=0L;
|
||||||
static unsigned long BIO_ghbn_miss=0L;
|
static unsigned long BIO_ghbn_miss=0L;
|
||||||
|
|
||||||
@@ -93,6 +94,7 @@ static struct ghbn_cache_st
|
|||||||
struct hostent *ent;
|
struct hostent *ent;
|
||||||
unsigned long order;
|
unsigned long order;
|
||||||
} ghbn_cache[GHBN_NUM];
|
} ghbn_cache[GHBN_NUM];
|
||||||
|
#endif
|
||||||
|
|
||||||
static int get_ip(const char *str,unsigned char *ip);
|
static int get_ip(const char *str,unsigned char *ip);
|
||||||
#if 0
|
#if 0
|
||||||
@@ -230,6 +232,7 @@ int BIO_sock_error(int sock)
|
|||||||
return(j);
|
return(j);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if 0
|
||||||
long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
|
long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
@@ -267,6 +270,7 @@ long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
|
|||||||
}
|
}
|
||||||
return(1);
|
return(1);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if 0
|
#if 0
|
||||||
static struct hostent *ghbn_dup(struct hostent *a)
|
static struct hostent *ghbn_dup(struct hostent *a)
|
||||||
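Review bot: The two `#if 0` / `#endif` pairs added around the BIO_ghbn_hits and BIO_ghbn_miss counters with ghbn_cache, and around BIO_ghbn_ctrl(), carry no comment recording why the host lookup cache is compiled out or whether it is meant to come back. A short note at the first one, such as `/* host lookup cache disabled; do not re-enable without revisiting how truncated entries are handled */`, would stop a later cleanup from switching it back on. That wording is a guess at the intent from the CHANGES entry about truncated DNS entries and should be confirmed by the author. If the code is not returning, deleting it is cleaner than leaving it under `#if 0`.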
|
@@ -482,7 +482,7 @@ static int buffer_gets(BIO *b, char *buf, int size)
|
|||||||
size-=i;
|
size-=i;
|
||||||
ctx->ibuf_len-=i;
|
ctx->ibuf_len-=i;
|
||||||
ctx->ibuf_off+=i;
|
ctx->ibuf_off+=i;
|
||||||
if ((flag) || (i == size))
|
if (flag || size == 0)
|
||||||
{
|
{
|
||||||
*buf='\0';
|
*buf='\0';
|
||||||
return(num);
|
return(num);
|
||||||
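Review bot: The rewritten test `if (flag || size == 0)` only reads correctly once you notice that `size-=i` three lines earlier has already turned size into the room left in the caller's buffer, which is also why the old `i == size` comparison was wrong. A comment on the condition, e.g. `/* size is now the space left in buf: stop on newline or when full */`, would keep a later edit from reintroducing the old form. buffer_gets starts and ends outside this hunk, so how size is initialised, and whether room for the terminating NUL is reserved before the loop, could not be checked here.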
|
@@ -522,6 +522,7 @@ int BIO_read(BIO *b, void *data, int len);
|
|||||||
int BIO_gets(BIO *bp,char *buf, int size);
|
int BIO_gets(BIO *bp,char *buf, int size);
|
||||||
int BIO_write(BIO *b, const void *data, int len);
|
int BIO_write(BIO *b, const void *data, int len);
|
||||||
int BIO_puts(BIO *bp,const char *buf);
|
int BIO_puts(BIO *bp,const char *buf);
|
||||||
|
int BIO_indent(BIO *b,int indent,int max);
|
||||||
long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
|
long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
|
||||||
long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
|
long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
|
||||||
char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
|
char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
|
||||||
@@ -608,7 +609,7 @@ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
|
|||||||
|
|
||||||
void BIO_copy_next_retry(BIO *b);
|
void BIO_copy_next_retry(BIO *b);
|
||||||
|
|
||||||
long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
|
/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
|
||||||
|
|
||||||
int BIO_printf(BIO *bio, const char *format, ...);
|
int BIO_printf(BIO *bio, const char *format, ...);
|
||||||
int BIO_vprintf(BIO *bio, const char *format, va_list args);
|
int BIO_vprintf(BIO *bio, const char *format, va_list args);
|
||||||
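Review bot: Commenting out the prototype as `/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/` silently removes a function from a public header, and since its definition is compiled out in the same commit any application calling it will stop building. Either delete the line and record the removal in CHANGES, or keep it with a note such as `/* BIO_ghbn_ctrl() removed together with the host lookup cache */`. The new `BIO_indent` prototype would also benefit from a one-line comment saying it returns 1 on success and 0 when a write fails, and that `indent` is clamped to `max`.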
|
@@ -272,6 +272,18 @@ int BIO_gets(BIO *b, char *in, int inl)
|
|||||||
return(i);
|
return(i);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int BIO_indent(BIO *b,int indent,int max)
|
||||||
|
{
|
||||||
|
if(indent < 0)
|
||||||
|
indent=0;
|
||||||
|
if(indent > max)
|
||||||
|
indent=max;
|
||||||
|
while(indent--)
|
||||||
|
if(BIO_puts(b," ") != 1)
|
||||||
|
return 0;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
|
long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
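Review bot: BIO_indent() clamps in the wrong order for a negative `max`: `indent` is first raised to 0 and then lowered to `max`, so with max < 0 the `while(indent--)` loop starts from a negative value and keeps writing spaces until the counter wraps. Swapping the two checks fixes it: `if(indent > max) indent=max;` followed by `if(indent < 0) indent=0;`. No caller is visible in this hunk, so whether a negative max occurs in practice is not known; the fix costs nothing either way.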
|
@@ -519,7 +519,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
else if (num == 2)
|
else if (num == 2)
|
||||||
{
|
{
|
||||||
char buf[16];
|
char buf[16];
|
||||||
char *p = ptr;
|
unsigned char *p = ptr;
|
||||||
|
|
||||||
sprintf(buf,"%d.%d.%d.%d",
|
sprintf(buf,"%d.%d.%d.%d",
|
||||||
p[0],p[1],p[2],p[3]);
|
p[0],p[1],p[2],p[3]);
|
||||||
@@ -530,7 +530,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
}
|
}
|
||||||
else if (num == 3)
|
else if (num == 3)
|
||||||
{
|
{
|
||||||
char buf[16];
|
char buf[DECIMAL_SIZE(int)+1];
|
||||||
|
|
||||||
sprintf(buf,"%d",*(int *)ptr);
|
sprintf(buf,"%d",*(int *)ptr);
|
||||||
if (data->param_port != NULL)
|
if (data->param_port != NULL)
|
||||||
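Review bot: In the `num == 2` branch, `sprintf(buf,"%d.%d.%d.%d", p[0],p[1],p[2],p[3])` into `char buf[16]` is exactly large enough (15 characters plus NUL) only because `p` is now `unsigned char *`, and nothing in the code states that dependency. A bounded call, `BIO_snprintf(buf,sizeof buf,"%d.%d.%d.%d",p[0],p[1],p[2],p[3]);`, or at least a comment `/* "255.255.255.255" + NUL */` on the declaration, would keep the buffer safe if the type of p changes again. The `num == 3` branch has the same shape, with `sprintf(buf,"%d",*(int *)ptr)` relying on `DECIMAL_SIZE(int)+1` being sufficient. conn_ctrl continues outside both hunks.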
|
@@ -274,7 +274,7 @@ static void xsyslog(BIO *bp, int priority, const char *string)
|
|||||||
LPCSTR lpszStrings[2];
|
LPCSTR lpszStrings[2];
|
||||||
WORD evtype= EVENTLOG_ERROR_TYPE;
|
WORD evtype= EVENTLOG_ERROR_TYPE;
|
||||||
int pid = _getpid();
|
int pid = _getpid();
|
||||||
char pidbuf[20];
|
char pidbuf[DECIMAL_SIZE(pid)+4];
|
||||||
|
|
||||||
switch (priority)
|
switch (priority)
|
||||||
{
|
{
|
||||||
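Review bot: `char pidbuf[DECIMAL_SIZE(pid)+4];` replaces one magic number with another: the `+4` is unexplained, and the code that formats into pidbuf lies outside this hunk, so the required size cannot be confirmed from here. A comment on the declaration naming the extra characters the format string adds around the number, plus the terminating NUL, would let a reader verify the bound against that format string. The write itself should be bounded with `sizeof pidbuf` so that a later change to the format cannot overrun the array.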
|
@@ -190,7 +190,7 @@ static int mem_write(BIO *b, const char *in, int inl)
|
|||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
BIO_clear_retry_flags(b);
|
||||||
blen=bm->length;
|
blen=bm->length;
|
||||||
if (BUF_MEM_grow(bm,blen+inl) != (blen+inl))
|
if (BUF_MEM_grow_clean(bm,blen+inl) != (blen+inl))
|
||||||
goto end;
|
goto end;
|
||||||
memcpy(&(bm->data[blen]),in,inl);
|
memcpy(&(bm->data[blen]),in,inl);
|
||||||
ret=inl;
|
ret=inl;
|
||||||
@@ -284,7 +284,11 @@ static int mem_gets(BIO *bp, char *buf, int size)
|
|||||||
|
|
||||||
BIO_clear_retry_flags(bp);
|
BIO_clear_retry_flags(bp);
|
||||||
j=bm->length;
|
j=bm->length;
|
||||||
if (j <= 0) return(0);
|
if (j <= 0)
|
||||||
|
{
|
||||||
|
*buf='\0';
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
p=bm->data;
|
p=bm->data;
|
||||||
for (i=0; i<j; i++)
|
for (i=0; i<j; i++)
|
||||||
{
|
{
|
||||||
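Review bot: The new empty-buffer branch in mem_gets() stores `*buf='\0'` without looking at `size`, so a caller that passes size 0 gets one byte written past the end of its buffer. Guarding the store with `if (size > 0) *buf='\0';` keeps the early return safe; rejecting `size <= 0` at the top of the function, which is outside this hunk, would cover the later code as well. In mem_write() the sum `blen+inl` is still computed in int before the comparison with the BUF_MEM_grow_clean() result, so a very large buffer could overflow it.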
|
@@ -125,6 +125,43 @@ int BUF_MEM_grow(BUF_MEM *str, int len)
|
|||||||
return(len);
|
return(len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int BUF_MEM_grow_clean(BUF_MEM *str, int len)
|
||||||
|
{
|
||||||
|
char *ret;
|
||||||
|
unsigned int n;
|
||||||
|
|
||||||
|
if (str->length >= len)
|
||||||
|
{
|
||||||
|
memset(&str->data[len],0,str->length-len);
|
||||||
|
str->length=len;
|
||||||
|
return(len);
|
||||||
|
}
|
||||||
|
if (str->max >= len)
|
||||||
|
{
|
||||||
|
memset(&str->data[str->length],0,len-str->length);
|
||||||
|
str->length=len;
|
||||||
|
return(len);
|
||||||
|
}
|
||||||
|
n=(len+3)/3*4;
|
||||||
|
if (str->data == NULL)
|
||||||
|
ret=OPENSSL_malloc(n);
|
||||||
|
else
|
||||||
|
ret=OPENSSL_realloc_clean(str->data,str->max,n);
|
||||||
|
if (ret == NULL)
|
||||||
|
{
|
||||||
|
BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
|
||||||
|
len=0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
str->data=ret;
|
||||||
|
str->max=n;
|
||||||
|
memset(&str->data[str->length],0,len-str->length);
|
||||||
|
str->length=len;
|
||||||
|
}
|
||||||
|
return(len);
|
||||||
|
}
|
||||||
|
|
||||||
char *BUF_strdup(const char *str)
|
char *BUF_strdup(const char *str)
|
||||||
{
|
{
|
||||||
char *ret;
|
char *ret;
|
||||||
@@ -143,3 +180,23 @@ char *BUF_strdup(const char *str)
|
|||||||
return(ret);
|
return(ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t BUF_strlcpy(char *dst, const char *src, size_t size)
|
||||||
|
{
|
||||||
|
size_t l = 0;
|
||||||
|
for(; size > 1 && *src; size--)
|
||||||
|
{
|
||||||
|
*dst++ = *src++;
|
||||||
|
l++;
|
||||||
|
}
|
||||||
|
if (size)
|
||||||
|
*dst = '\0';
|
||||||
|
return l + strlen(src);
|
||||||
|
}
|
||||||
|
|
||||||
|
size_t BUF_strlcat(char *dst, const char *src, size_t size)
|
||||||
|
{
|
||||||
|
size_t l = 0;
|
||||||
|
for(; size > 0 && *dst; size--, dst++)
|
||||||
|
l++;
|
||||||
|
return l + BUF_strlcpy(dst, src, size);
|
||||||
|
}
|
||||||
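Review bot: BUF_MEM_grow_clean() never rejects a negative `len`: with len < 0 the first branch is taken and `memset(&str->data[len],0,str->length-len)` starts before the buffer and clears more than its length. An early `if (len < 0) return 0;` closes that, and callers that compare the result with the requested length will then see a failure. `n=(len+3)/3*4` is evaluated in int and can overflow for large len, which would leave the allocation smaller than len before the final memset. The failure path reports BUF_F_BUF_MEM_GROW, so the error queue will name the wrong function unless a separate function code is added.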
|
@@ -63,6 +63,8 @@
|
|||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
|
|
||||||
typedef struct buf_mem_st
|
typedef struct buf_mem_st
|
||||||
{
|
{
|
||||||
int length; /* current number of bytes */
|
int length; /* current number of bytes */
|
||||||
@@ -73,8 +75,14 @@ typedef struct buf_mem_st
|
|||||||
BUF_MEM *BUF_MEM_new(void);
|
BUF_MEM *BUF_MEM_new(void);
|
||||||
void BUF_MEM_free(BUF_MEM *a);
|
void BUF_MEM_free(BUF_MEM *a);
|
||||||
int BUF_MEM_grow(BUF_MEM *str, int len);
|
int BUF_MEM_grow(BUF_MEM *str, int len);
|
||||||
|
int BUF_MEM_grow_clean(BUF_MEM *str, int len);
|
||||||
char * BUF_strdup(const char *str);
|
char * BUF_strdup(const char *str);
|
||||||
|
|
||||||
|
/* safe string functions */
|
||||||
|
size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
|
||||||
|
size_t BUF_strlcat(char *dst,const char *src,size_t siz);
|
||||||
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
/* BEGIN ERROR CODES */
|
||||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
* made after this point may be overwritten when the script is next run.
|
* made after this point may be overwritten when the script is next run.
|
||||||
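Review bot: The comment `/* safe string functions */` above BUF_strlcpy and BUF_strlcat leaves out the one thing callers must do to use them safely, which is to check the result for truncation. As implemented in this commit both return the length of the string they tried to build, so a return value `>= siz` means the output was cut short; a comment saying that, and that `siz` is the full size of dst including the terminating NUL, belongs on the prototypes. The parameter is called `siz` here and `size` in the definitions; using one name avoids confusion.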
|
@@ -628,7 +628,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
|
|||||||
CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
|
CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
BUF_MEM_grow(buf,(strlen(p)+len-(e-from)));
|
BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from)));
|
||||||
while (*p)
|
while (*p)
|
||||||
buf->data[to++]= *(p++);
|
buf->data[to++]= *(p++);
|
||||||
from=e;
|
from=e;
|
||||||
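Review bot: The result of `BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from)))` is discarded and the loop right after writes through `buf->data[to++]`, so if the reallocation fails the buffer keeps its old size and the copy runs past it. The function already has an `err` label, so the call can be checked in place: `if (!BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from)))) { CONFerr(CONF_F_STR_COPY,ERR_R_MALLOC_FAILURE); goto err; }`. The requested length mixes size_t, int and a pointer difference before being narrowed to int, which deserves a range check given that p appears to hold the value of a configuration variable. str_copy begins and ends outside this hunk.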
|
@@ -493,3 +493,11 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
void OpenSSLDie(const char *file,int line,const char *assertion)
|
||||||
|
{
|
||||||
|
fprintf(stderr,
|
||||||
|
"%s(%d): OpenSSL internal error, assertion failed: %s\n",
|
||||||
|
file,line,assertion);
|
||||||
|
abort();
|
||||||
|
}
|
||||||
|
@@ -89,9 +89,13 @@ extern "C" {
|
|||||||
#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
|
#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
|
||||||
#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
|
#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
|
||||||
|
|
||||||
/* size of string represenations */
|
/* size of string representations */
|
||||||
#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
|
#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
|
||||||
#define HEX_SIZE(type) ((sizeof(type)*2)
|
#define HEX_SIZE(type) (sizeof(type)*2)
|
||||||
|
|
||||||
|
/* die if we have to */
|
||||||
|
void OpenSSLDie(const char *file,int line,const char *assertion);
|
||||||
|
#define OPENSSL_assert(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
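Review bot: The comment `/* size of string representations */` does not say what DECIMAL_SIZE() and HEX_SIZE() count, and the callers in this commit add different slack to it: fmtint and conn_ctrl add 1, xsyslog adds 4. From the formula, `(sizeof(type)*8+2)/3+1` is one character per three bits plus one more, presumably for a sign, with no room for the terminating NUL; saying so explicitly, e.g. `/* upper bound on digits plus sign; does NOT include the terminating NUL */`, would let callers size buffers without re-deriving it. OpenSSLDie() should also carry a comment that it does not return, since OPENSSL_assert() is now used as a bounds check directly in front of memcpy calls.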
|
@@ -279,6 +279,8 @@ int CRYPTO_is_mem_check_on(void);
|
|||||||
#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
|
#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
|
||||||
#define OPENSSL_realloc(addr,num) \
|
#define OPENSSL_realloc(addr,num) \
|
||||||
CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
|
CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
|
||||||
|
#define OPENSSL_realloc_clean(addr,old_num,num) \
|
||||||
|
CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
|
||||||
#define OPENSSL_remalloc(addr,num) \
|
#define OPENSSL_remalloc(addr,num) \
|
||||||
CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
|
CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
|
||||||
#define OPENSSL_freeFunc CRYPTO_free
|
#define OPENSSL_freeFunc CRYPTO_free
|
||||||
@@ -381,6 +383,8 @@ void CRYPTO_free_locked(void *);
|
|||||||
void *CRYPTO_malloc(int num, const char *file, int line);
|
void *CRYPTO_malloc(int num, const char *file, int line);
|
||||||
void CRYPTO_free(void *);
|
void CRYPTO_free(void *);
|
||||||
void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
|
void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
|
||||||
|
void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
|
||||||
|
int line);
|
||||||
void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
|
void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
|
||||||
|
|
||||||
void CRYPTO_set_mem_debug_options(long bits);
|
void CRYPTO_set_mem_debug_options(long bits);
|
||||||
@@ -423,7 +427,6 @@ void CRYPTO_mem_leaks(struct bio_st *bio);
|
|||||||
typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
|
typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
|
||||||
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
|
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
|
||||||
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
/* BEGIN ERROR CODES */
|
||||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
* made after this point may be overwritten when the script is next run.
|
* made after this point may be overwritten when the script is next run.
|
||||||
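Review bot: `OPENSSL_realloc_clean(addr,old_num,num)` passes its arguments through unparenthesised and uncast, while the neighbouring `OPENSSL_malloc` and `OPENSSL_realloc` macros cast to `(char *)` and `(int)`; BUF_MEM_grow_clean() in this commit already calls it with an `unsigned int` for `num`. Parenthesising the arguments and following the local casting pattern would keep the three macros consistent. The `CRYPTO_realloc_clean` prototype should carry a comment that `old_num` must be the size of the existing allocation, since, going by the CHANGES entry, the function exists to clear the old contents when a buffer holding secrets is resized. Its definition in crypto/mem.c is not visible in this part of the page, so that contract could not be checked.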
|
@@ -228,6 +228,7 @@ int DSA_size(const DSA *r)
|
|||||||
|
|
||||||
i=BN_num_bits(r->q);
|
i=BN_num_bits(r->q);
|
||||||
bs.length=(i+7)/8;
|
bs.length=(i+7)/8;
|
||||||
|
OPENSSL_assert(bs.length <= sizeof buf);
|
||||||
bs.data=buf;
|
bs.data=buf;
|
||||||
bs.type=V_ASN1_INTEGER;
|
bs.type=V_ASN1_INTEGER;
|
||||||
/* If the top bit is set the asn1 encoding is 1 larger. */
|
/* If the top bit is set the asn1 encoding is 1 larger. */
|
||||||
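Review bot: `OPENSSL_assert(bs.length <= sizeof buf)` turns an oversized `q` into a process abort, which is safer than the overflow it prevents but still lets one bad key take the application down if DSA keys can arrive from a peer or a file. Returning a failure value before `bs.data=buf` would be gentler, although what callers of DSA_size() treat as failure is outside this hunk. The same trade-off applies to the other OPENSSL_assert() bounds checks this commit adds on values derived from cipher, digest or key parameters, for example in EVP_BytesToKey, PKCS5_v2_PBE_keyivgen and HMAC_Init_ex. Where the function already has an error return, using it is preferable to abort().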
|
@@ -165,6 +165,7 @@ static int b64_read(BIO *b, char *out, int outl)
|
|||||||
{
|
{
|
||||||
i=ctx->buf_len-ctx->buf_off;
|
i=ctx->buf_len-ctx->buf_off;
|
||||||
if (i > outl) i=outl;
|
if (i > outl) i=outl;
|
||||||
|
OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf);
|
||||||
memcpy(out,&(ctx->buf[ctx->buf_off]),i);
|
memcpy(out,&(ctx->buf[ctx->buf_off]),i);
|
||||||
ret=i;
|
ret=i;
|
||||||
out+=i;
|
out+=i;
|
||||||
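Review bot: `OPENSSL_assert(ctx->buf_off+i < sizeof ctx->buf)` is stricter than the copy it protects, because `memcpy(out,&(ctx->buf[ctx->buf_off]),i)` stays in bounds whenever `buf_off+i <= sizeof ctx->buf`. If buf_len can ever equal the size of buf, a read that drains the buffer exactly would abort the process on valid data; `OPENSSL_assert(ctx->buf_off+i <= sizeof ctx->buf);` matches the actual requirement. Whether buf_len can reach that value depends on code outside this hunk.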
|
@@ -219,6 +219,8 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
|||||||
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
|
||||||
ret=ctx->digest->final(ctx,md);
|
ret=ctx->digest->final(ctx,md);
|
||||||
if (size != NULL)
|
if (size != NULL)
|
||||||
*size=ctx->digest->md_size;
|
*size=ctx->digest->md_size;
|
||||||
|
@@ -174,6 +174,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
|
|||||||
if (type != NULL)
|
if (type != NULL)
|
||||||
{
|
{
|
||||||
l=EVP_CIPHER_CTX_iv_length(c);
|
l=EVP_CIPHER_CTX_iv_length(c);
|
||||||
|
OPENSSL_assert(l <= sizeof iv);
|
||||||
i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
|
i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l);
|
||||||
if (i != l)
|
if (i != l)
|
||||||
return(-1);
|
return(-1);
|
||||||
|
@@ -69,8 +69,6 @@
|
|||||||
|
|
||||||
typedef struct
|
typedef struct
|
||||||
{
|
{
|
||||||
/* FIXME: what is the key for? */
|
|
||||||
unsigned char key[EVP_RC4_KEY_SIZE];
|
|
||||||
RC4_KEY ks; /* working key */
|
RC4_KEY ks; /* working key */
|
||||||
} EVP_RC4_KEY;
|
} EVP_RC4_KEY;
|
||||||
|
|
||||||
@@ -121,9 +119,8 @@ const EVP_CIPHER *EVP_rc4_40(void)
|
|||||||
static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
memcpy(&data(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx));
|
|
||||||
RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
|
RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
|
||||||
data(ctx)->key);
|
key);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@@ -136,6 +136,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
|
|
||||||
*outl=0;
|
*outl=0;
|
||||||
if (inl == 0) return;
|
if (inl == 0) return;
|
||||||
|
OPENSSL_assert(ctx->length <= sizeof ctx->enc_data);
|
||||||
if ((ctx->num+inl) < ctx->length)
|
if ((ctx->num+inl) < ctx->length)
|
||||||
{
|
{
|
||||||
memcpy(&(ctx->enc_data[ctx->num]),in,inl);
|
memcpy(&(ctx->enc_data[ctx->num]),in,inl);
|
||||||
@@ -258,6 +259,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
/* only save the good data :-) */
|
/* only save the good data :-) */
|
||||||
if (!B64_NOT_BASE64(v))
|
if (!B64_NOT_BASE64(v))
|
||||||
{
|
{
|
||||||
|
OPENSSL_assert(n < sizeof ctx->enc_data);
|
||||||
d[n++]=tmp;
|
d[n++]=tmp;
|
||||||
ln++;
|
ln++;
|
||||||
}
|
}
|
||||||
|
@@ -63,8 +63,6 @@
|
|||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
#include "evp_locl.h"
|
#include "evp_locl.h"
|
||||||
|
|
||||||
#include <assert.h>
|
|
||||||
|
|
||||||
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
|
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
|
||||||
|
|
||||||
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
|
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
|
||||||
@@ -163,9 +161,9 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
|
|||||||
}
|
}
|
||||||
skip_to_init:
|
skip_to_init:
|
||||||
/* we assume block size is a power of 2 in *cryptUpdate */
|
/* we assume block size is a power of 2 in *cryptUpdate */
|
||||||
assert(ctx->cipher->block_size == 1
|
OPENSSL_assert(ctx->cipher->block_size == 1
|
||||||
|| ctx->cipher->block_size == 8
|
|| ctx->cipher->block_size == 8
|
||||||
|| ctx->cipher->block_size == 16);
|
|| ctx->cipher->block_size == 16);
|
||||||
|
|
||||||
if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
|
if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
|
||||||
switch(EVP_CIPHER_CTX_mode(ctx)) {
|
switch(EVP_CIPHER_CTX_mode(ctx)) {
|
||||||
@@ -181,6 +179,7 @@ skip_to_init:
|
|||||||
|
|
||||||
case EVP_CIPH_CBC_MODE:
|
case EVP_CIPH_CBC_MODE:
|
||||||
|
|
||||||
|
OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof ctx->iv);
|
||||||
if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
|
if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
|
||||||
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
|
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
|
||||||
break;
|
break;
|
||||||
@@ -251,6 +250,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
{
|
{
|
||||||
int i,j,bl;
|
int i,j,bl;
|
||||||
|
|
||||||
|
OPENSSL_assert(inl > 0);
|
||||||
if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
|
if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
|
||||||
{
|
{
|
||||||
if(ctx->cipher->do_cipher(ctx,out,in,inl))
|
if(ctx->cipher->do_cipher(ctx,out,in,inl))
|
||||||
@@ -266,6 +266,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
}
|
}
|
||||||
i=ctx->buf_len;
|
i=ctx->buf_len;
|
||||||
bl=ctx->cipher->block_size;
|
bl=ctx->cipher->block_size;
|
||||||
|
OPENSSL_assert(bl <= sizeof ctx->buf);
|
||||||
if (i != 0)
|
if (i != 0)
|
||||||
{
|
{
|
||||||
if (i+inl < bl)
|
if (i+inl < bl)
|
||||||
@@ -314,6 +315,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
|
|||||||
int i,n,b,bl,ret;
|
int i,n,b,bl,ret;
|
||||||
|
|
||||||
b=ctx->cipher->block_size;
|
b=ctx->cipher->block_size;
|
||||||
|
OPENSSL_assert(b <= sizeof ctx->buf);
|
||||||
if (b == 1)
|
if (b == 1)
|
||||||
{
|
{
|
||||||
*outl=0;
|
*outl=0;
|
||||||
@@ -358,6 +360,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
return EVP_EncryptUpdate(ctx, out, outl, in, inl);
|
return EVP_EncryptUpdate(ctx, out, outl, in, inl);
|
||||||
|
|
||||||
b=ctx->cipher->block_size;
|
b=ctx->cipher->block_size;
|
||||||
|
OPENSSL_assert(b <= sizeof ctx->final);
|
||||||
|
|
||||||
if(ctx->final_used)
|
if(ctx->final_used)
|
||||||
{
|
{
|
||||||
@@ -420,6 +423,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
|
|||||||
EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
|
EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
|
OPENSSL_assert(b <= sizeof ctx->final);
|
||||||
n=ctx->final[b-1];
|
n=ctx->final[b-1];
|
||||||
if (n > b)
|
if (n > b)
|
||||||
{
|
{
|
||||||
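Review bot: `OPENSSL_assert(inl > 0)` at the top of EVP_EncryptUpdate() makes a zero-length update abort the process, and EVP_DecryptUpdate() reaches the same assertion through its `return EVP_EncryptUpdate(ctx, out, outl, in, inl);` path. An empty input is an ordinary thing for a caller to pass, for instance after an empty read, so it should be handled as a no-op instead: `if (inl <= 0) { *outl=0; return inl == 0; }`. In the CBC case of EVP_CipherInit_ex the new assertion checks `sizeof ctx->iv` while the first memcpy writes `ctx->oiv`; asserting against the buffer being written is clearer even if the two arrays have the same size.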
|
@@ -118,6 +118,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
|
|||||||
|
|
||||||
nkey=type->key_len;
|
nkey=type->key_len;
|
||||||
niv=type->iv_len;
|
niv=type->iv_len;
|
||||||
|
OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
|
||||||
|
OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
|
||||||
|
|
||||||
if (data == NULL) return(nkey);
|
if (data == NULL) return(nkey);
|
||||||
|
|
||||||
|
@@ -90,6 +90,7 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
|
|||||||
if (type != NULL)
|
if (type != NULL)
|
||||||
{
|
{
|
||||||
l=EVP_CIPHER_CTX_iv_length(c);
|
l=EVP_CIPHER_CTX_iv_length(c);
|
||||||
|
OPENSSL_assert(l <= sizeof c->iv);
|
||||||
i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
|
i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
|
||||||
if (i != l)
|
if (i != l)
|
||||||
return(-1);
|
return(-1);
|
||||||
@@ -106,6 +107,7 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
|
|||||||
if (type != NULL)
|
if (type != NULL)
|
||||||
{
|
{
|
||||||
j=EVP_CIPHER_CTX_iv_length(c);
|
j=EVP_CIPHER_CTX_iv_length(c);
|
||||||
|
OPENSSL_assert(j <= sizeof c->iv);
|
||||||
i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
|
i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
|
||||||
}
|
}
|
||||||
return(i);
|
return(i);
|
||||||
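Review bot: Both new assertions compare the IV length with `sizeof c->iv`, but the calls they sit in front of read and write `c->oiv`. If the two arrays are declared with the same size this is harmless, yet the check should name the buffer that is actually used: `OPENSSL_assert(l <= sizeof c->oiv);` and `OPENSSL_assert(j <= sizeof c->oiv);`. Lines after the first hunk may go on to copy into c->iv, in which case both bounds are worth asserting. The struct definition is not on this part of the page, so the sizes could not be compared.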
|
@@ -88,7 +88,7 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
|
|||||||
char obj_tmp[80];
|
char obj_tmp[80];
|
||||||
EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
|
EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
|
||||||
if (!pbe_obj) strcpy (obj_tmp, "NULL");
|
if (!pbe_obj) strcpy (obj_tmp, "NULL");
|
||||||
else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj);
|
else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
|
||||||
ERR_add_error_data(2, "TYPE=", obj_tmp);
|
ERR_add_error_data(2, "TYPE=", obj_tmp);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@@ -140,7 +140,9 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
|
|||||||
EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
|
EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
|
||||||
}
|
}
|
||||||
EVP_MD_CTX_cleanup(&ctx);
|
EVP_MD_CTX_cleanup(&ctx);
|
||||||
|
OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp);
|
||||||
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
|
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
|
||||||
|
OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
|
||||||
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
|
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
|
||||||
EVP_CIPHER_iv_length(cipher));
|
EVP_CIPHER_iv_length(cipher));
|
||||||
EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
|
EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
|
||||||
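Review bot: `OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16)` hard-codes 16, as does the `md_tmp + (16 - EVP_CIPHER_iv_length(cipher))` expression it protects, which runs against this commit's own move from magic numbers to sizeof. A comment saying what the 16 stands for (it looks like the digest length this scheme assumes) or a named constant would let a reader confirm that the source offset can never go negative or run past md_tmp. Both assertions bound the reads from md_tmp only; the sizes of the destination `key` and `iv` arrays are declared outside this hunk and are not checked in the visible lines.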
|
@@ -190,6 +190,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
keylen = EVP_CIPHER_CTX_key_length(ctx);
|
keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||||
|
OPENSSL_assert(keylen <= sizeof key);
|
||||||
|
|
||||||
/* Now decode key derivation function */
|
/* Now decode key derivation function */
|
||||||
|
|
||||||
|
@@ -79,21 +79,23 @@ clean:
|
|||||||
|
|
||||||
# DO NOT DELETE THIS LINE -- make depend depends on it.
|
# DO NOT DELETE THIS LINE -- make depend depends on it.
|
||||||
|
|
||||||
hmac.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
|
hmac.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
|
||||||
hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
|
hmac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
|
||||||
hmac.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
|
hmac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
|
||||||
hmac.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
hmac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
|
||||||
hmac.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
|
hmac.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
|
||||||
hmac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
|
hmac.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
|
||||||
|
hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||||
hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
|
hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
|
||||||
hmac.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
|
hmac.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||||
hmac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
|
hmac.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||||
hmac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
|
hmac.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||||
hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||||
hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
|
hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||||
hmac.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
|
hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
|
||||||
hmac.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
|
hmac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
|
||||||
hmac.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
hmac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
|
||||||
hmac.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
hmac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||||
hmac.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
|
hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||||
hmac.o: ../../include/openssl/ui_compat.h hmac.c
|
hmac.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
|
||||||
|
hmac.o: ../cryptlib.h hmac.c
|
||||||
|
@@ -59,6 +59,7 @@
|
|||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
|
#include "cryptlib.h"
|
||||||
|
|
||||||
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||||
const EVP_MD *md, ENGINE *impl)
|
const EVP_MD *md, ENGINE *impl)
|
||||||
@@ -78,6 +79,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
|||||||
{
|
{
|
||||||
reset=1;
|
reset=1;
|
||||||
j=EVP_MD_block_size(md);
|
j=EVP_MD_block_size(md);
|
||||||
|
OPENSSL_assert(j <= sizeof ctx->key);
|
||||||
if (j < len)
|
if (j < len)
|
||||||
{
|
{
|
||||||
EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
|
EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
|
||||||
@@ -87,6 +89,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
OPENSSL_assert(len <= sizeof ctx->key);
|
||||||
memcpy(ctx->key,key,len);
|
memcpy(ctx->key,key,len);
|
||||||
ctx->key_length=len;
|
ctx->key_length=len;
|
||||||
}
|
}
|
||||||
|
@@ -179,49 +179,29 @@ end:;
|
|||||||
|
|
||||||
void lh_stats_bio(const LHASH *lh, BIO *out)
|
void lh_stats_bio(const LHASH *lh, BIO *out)
|
||||||
{
|
{
|
||||||
char buf[128];
|
BIO_printf(out,"num_items = %lu\n",lh->num_items);
|
||||||
|
BIO_printf(out,"num_nodes = %u\n",lh->num_nodes);
|
||||||
sprintf(buf,"num_items = %lu\n",lh->num_items);
|
BIO_printf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_expands = %lu\n",lh->num_expands);
|
||||||
sprintf(buf,"num_nodes = %u\n",lh->num_nodes);
|
BIO_printf(out,"num_expand_reallocs = %lu\n",
|
||||||
BIO_puts(out,buf);
|
lh->num_expand_reallocs);
|
||||||
sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
|
BIO_printf(out,"num_contracts = %lu\n",lh->num_contracts);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_contract_reallocs = %lu\n",
|
||||||
sprintf(buf,"num_expands = %lu\n",lh->num_expands);
|
lh->num_contract_reallocs);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_hash_calls = %lu\n",lh->num_hash_calls);
|
||||||
sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
|
BIO_printf(out,"num_comp_calls = %lu\n",lh->num_comp_calls);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_insert = %lu\n",lh->num_insert);
|
||||||
sprintf(buf,"num_contracts = %lu\n",lh->num_contracts);
|
BIO_printf(out,"num_replace = %lu\n",lh->num_replace);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_delete = %lu\n",lh->num_delete);
|
||||||
sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
|
BIO_printf(out,"num_no_delete = %lu\n",lh->num_no_delete);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_retrieve = %lu\n",lh->num_retrieve);
|
||||||
sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls);
|
BIO_printf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"num_hash_comps = %lu\n",lh->num_hash_comps);
|
||||||
sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_insert = %lu\n",lh->num_insert);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_replace = %lu\n",lh->num_replace);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_delete = %lu\n",lh->num_delete);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
#if 0
|
#if 0
|
||||||
sprintf(buf,"p = %u\n",lh->p);
|
BIO_printf(out,"p = %u\n",lh->p);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"pmax = %u\n",lh->pmax);
|
||||||
sprintf(buf,"pmax = %u\n",lh->pmax);
|
BIO_printf(out,"up_load = %lu\n",lh->up_load);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"down_load = %lu\n",lh->down_load);
|
||||||
sprintf(buf,"up_load = %lu\n",lh->up_load);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
sprintf(buf,"down_load = %lu\n",lh->down_load);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -229,14 +209,12 @@ void lh_node_stats_bio(const LHASH *lh, BIO *out)
|
|||||||
{
|
{
|
||||||
LHASH_NODE *n;
|
LHASH_NODE *n;
|
||||||
unsigned int i,num;
|
unsigned int i,num;
|
||||||
char buf[128];
|
|
||||||
|
|
||||||
for (i=0; i<lh->num_nodes; i++)
|
for (i=0; i<lh->num_nodes; i++)
|
||||||
{
|
{
|
||||||
for (n=lh->b[i],num=0; n != NULL; n=n->next)
|
for (n=lh->b[i],num=0; n != NULL; n=n->next)
|
||||||
num++;
|
num++;
|
||||||
sprintf(buf,"node %6u -> %3u\n",i,num);
|
BIO_printf(out,"node %6u -> %3u\n",i,num);
|
||||||
BIO_puts(out,buf);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -246,7 +224,6 @@ void lh_node_usage_stats_bio(const LHASH *lh, BIO *out)
|
|||||||
unsigned long num;
|
unsigned long num;
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
unsigned long total=0,n_used=0;
|
unsigned long total=0,n_used=0;
|
||||||
char buf[128];
|
|
||||||
|
|
||||||
for (i=0; i<lh->num_nodes; i++)
|
for (i=0; i<lh->num_nodes; i++)
|
||||||
{
|
{
|
||||||
@@ -258,17 +235,14 @@ void lh_node_usage_stats_bio(const LHASH *lh, BIO *out)
|
|||||||
total+=num;
|
total+=num;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
|
BIO_printf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
|
||||||
BIO_puts(out,buf);
|
BIO_printf(out,"%lu items\n",total);
|
||||||
sprintf(buf,"%lu items\n",total);
|
|
||||||
BIO_puts(out,buf);
|
|
||||||
if (n_used == 0) return;
|
if (n_used == 0) return;
|
||||||
sprintf(buf,"load %d.%02d actual load %d.%02d\n",
|
BIO_printf(out,"load %d.%02d actual load %d.%02d\n",
|
||||||
(int)(total/lh->num_nodes),
|
(int)(total/lh->num_nodes),
|
||||||
(int)((total%lh->num_nodes)*100/lh->num_nodes),
|
(int)((total%lh->num_nodes)*100/lh->num_nodes),
|
||||||
(int)(total/n_used),
|
(int)(total/n_used),
|
||||||
(int)((total%n_used)*100/n_used));
|
(int)((total%n_used)*100/n_used));
|
||||||
BIO_puts(out,buf);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@@ -118,9 +118,9 @@ const char *MD2_options(void)
|
|||||||
int MD2_Init(MD2_CTX *c)
|
int MD2_Init(MD2_CTX *c)
|
||||||
{
|
{
|
||||||
c->num=0;
|
c->num=0;
|
||||||
memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
|
memset(c->state,0,sizeof c->state);
|
||||||
memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
|
memset(c->cksm,0,sizeof c->cksm);
|
||||||
memset(c->data,0,MD2_BLOCK);
|
memset(c->data,0,sizeof c->data);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@@ -108,7 +108,7 @@ void do_fp(FILE *f)
|
|||||||
MD4_Init(&c);
|
MD4_Init(&c);
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
i=read(fd,buf,BUFSIZE);
|
i=read(fd,buf,sizeof buf);
|
||||||
if (i <= 0) break;
|
if (i <= 0) break;
|
||||||
MD4_Update(&c,buf,(unsigned long)i);
|
MD4_Update(&c,buf,(unsigned long)i);
|
||||||
}
|
}
|
||||||
|
25
crypto/mem.c
25
crypto/mem.c
@@ -305,7 +305,6 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
|
|||||||
|
|
||||||
if (str == NULL)
|
if (str == NULL)
|
||||||
return CRYPTO_malloc(num, file, line);
|
return CRYPTO_malloc(num, file, line);
|
||||||
|
|
||||||
if (realloc_debug_func != NULL)
|
if (realloc_debug_func != NULL)
|
||||||
realloc_debug_func(str, NULL, num, file, line, 0);
|
realloc_debug_func(str, NULL, num, file, line, 0);
|
||||||
ret = realloc_ex_func(str,num,file,line);
|
ret = realloc_ex_func(str,num,file,line);
|
||||||
@@ -318,6 +317,29 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
|
||||||
|
int line)
|
||||||
|
{
|
||||||
|
void *ret = NULL;
|
||||||
|
|
||||||
|
if (str == NULL)
|
||||||
|
return CRYPTO_malloc(num, file, line);
|
||||||
|
if (realloc_debug_func != NULL)
|
||||||
|
realloc_debug_func(str, NULL, num, file, line, 0);
|
||||||
|
ret=malloc_ex_func(num,file,line);
|
||||||
|
if(ret)
|
||||||
|
memcpy(ret,str,old_len);
|
||||||
|
memset(str,'\0',old_len);
|
||||||
|
free_func(str);
|
||||||
|
#ifdef LEVITTE_DEBUG_MEM
|
||||||
|
fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num);
|
||||||
|
#endif
|
||||||
|
if (realloc_debug_func != NULL)
|
||||||
|
realloc_debug_func(str, ret, num, file, line, 1);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
void CRYPTO_free(void *str)
|
void CRYPTO_free(void *str)
|
||||||
{
|
{
|
||||||
if (free_debug_func != NULL)
|
if (free_debug_func != NULL)
|
||||||
@@ -337,7 +359,6 @@ void *CRYPTO_remalloc(void *a, int num, const char *file, int line)
|
|||||||
return(a);
|
return(a);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void CRYPTO_set_mem_debug_options(long bits)
|
void CRYPTO_set_mem_debug_options(long bits)
|
||||||
{
|
{
|
||||||
if (set_debug_options_func != NULL)
|
if (set_debug_options_func != NULL)
|
||||||
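Review bot: In the new `CRYPTO_realloc_clean`, `memcpy(ret,str,old_len)` copies `old_len` bytes into an allocation of only `num` bytes, so any call that shrinks the buffer (`num < old_len`) writes past the end of the new block. With no braces after `if(ret)`, the `memset` and `free_func(str)` also run when `malloc_ex_func` fails, so the caller gets NULL back while its original buffer has already been freed, unlike `CRYPTO_realloc` just above. Rejecting the shrink case up front and bracing the success path addresses both; the page has lost its indentation, so the intended bracing is inferred. A plain `memset` immediately before `free_func` may also be dropped by an optimising compiler, which would undo the purpose of the function.

```c
void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
			   int line)
	{
	/* ... unchanged: ret declaration, str == NULL fallback to CRYPTO_malloc ... */

	/* the copy below moves old_len bytes, so the new block must hold at least that many */
	if (old_len < 0 || num < old_len)
		return NULL;

	/* ... unchanged: realloc_debug_func pre-call, ret=malloc_ex_func(num,file,line) ... */
	if (ret)
		{
		memcpy(ret,str,old_len);
		memset(str,'\0',old_len);
		free_func(str);
		}
	/* ... unchanged: debug trace, realloc_debug_func post-call, return ret ... */
```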
|
@@ -666,7 +666,6 @@ static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *)
|
|||||||
void CRYPTO_mem_leaks(BIO *b)
|
void CRYPTO_mem_leaks(BIO *b)
|
||||||
{
|
{
|
||||||
MEM_LEAK ml;
|
MEM_LEAK ml;
|
||||||
char buf[80];
|
|
||||||
|
|
||||||
if (mh == NULL && amih == NULL)
|
if (mh == NULL && amih == NULL)
|
||||||
return;
|
return;
|
||||||
@@ -681,9 +680,8 @@ void CRYPTO_mem_leaks(BIO *b)
|
|||||||
(char *)&ml);
|
(char *)&ml);
|
||||||
if (ml.chunks != 0)
|
if (ml.chunks != 0)
|
||||||
{
|
{
|
||||||
sprintf(buf,"%ld bytes leaked in %d chunks\n",
|
BIO_printf(b,"%ld bytes leaked in %d chunks\n",
|
||||||
ml.bytes,ml.chunks);
|
ml.bytes,ml.chunks);
|
||||||
BIO_puts(b,buf);
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@@ -464,7 +464,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
|
|||||||
|
|
||||||
sprintf(tbuf,"%d.%lu",i,l);
|
sprintf(tbuf,"%d.%lu",i,l);
|
||||||
i=strlen(tbuf);
|
i=strlen(tbuf);
|
||||||
strncpy(buf,tbuf,buf_len);
|
BUF_strlcpy(buf,tbuf,buf_len);
|
||||||
buf_len-=i;
|
buf_len-=i;
|
||||||
buf+=i;
|
buf+=i;
|
||||||
n+=i;
|
n+=i;
|
||||||
@@ -476,7 +476,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
|
|||||||
sprintf(tbuf,".%lu",l);
|
sprintf(tbuf,".%lu",l);
|
||||||
i=strlen(tbuf);
|
i=strlen(tbuf);
|
||||||
if (buf_len > 0)
|
if (buf_len > 0)
|
||||||
strncpy(buf,tbuf,buf_len);
|
BUF_strlcpy(buf,tbuf,buf_len);
|
||||||
buf_len-=i;
|
buf_len-=i;
|
||||||
buf+=i;
|
buf+=i;
|
||||||
n+=i;
|
n+=i;
|
||||||
@@ -488,10 +488,9 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
|
|||||||
s=OBJ_nid2ln(nid);
|
s=OBJ_nid2ln(nid);
|
||||||
if (s == NULL)
|
if (s == NULL)
|
||||||
s=OBJ_nid2sn(nid);
|
s=OBJ_nid2sn(nid);
|
||||||
strncpy(buf,s,buf_len);
|
BUF_strlcpy(buf,s,buf_len);
|
||||||
n=strlen(s);
|
n=strlen(s);
|
||||||
}
|
}
|
||||||
buf[buf_len-1]='\0';
|
|
||||||
return(n);
|
return(n);
|
||||||
}
|
}
|
||||||
|
|
||||||
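Review bot: In the first `OBJ_obj2txt` hunk, `BUF_strlcpy(buf,tbuf,buf_len)` is followed by `buf_len-=i; buf+=i;` with `i` set to `strlen(tbuf)` rather than to the number of bytes that fitted, so once the text is longer than the remaining space `buf` points past the caller's buffer and `buf_len` goes negative. The second hunk guards its copy with `if (buf_len > 0)`, but no such guard is visible before the first copy or before `BUF_strlcpy(buf,s,buf_len)` in the third, and a negative `int` passed as a size would become a very large unsigned length if the parameter is `size_t` (the prototype is not on this page). I would guard all three the same way, `if (buf_len > 0) BUF_strlcpy(buf,tbuf,buf_len);`, and stop advancing `buf` once `buf_len` has reached zero. The function body starts and ends outside these hunks.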
|
@@ -94,7 +94,7 @@ Content-Length: %d\r\n\r\n";
|
|||||||
}
|
}
|
||||||
if(!(mem = BIO_new(BIO_s_mem()))) goto err;
|
if(!(mem = BIO_new(BIO_s_mem()))) goto err;
|
||||||
/* Copy response to a memory BIO: socket bios can't do gets! */
|
/* Copy response to a memory BIO: socket bios can't do gets! */
|
||||||
while ((len = BIO_read(b, tmpbuf, 1024))) {
|
while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) {
|
||||||
if(len < 0) {
|
if(len < 0) {
|
||||||
OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR);
|
OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
|
@@ -149,7 +149,7 @@ typedef struct pem_recip_st
|
|||||||
|
|
||||||
int cipher;
|
int cipher;
|
||||||
int key_enc;
|
int key_enc;
|
||||||
char iv[8];
|
/* char iv[8]; unused and wrong size */
|
||||||
} PEM_USER;
|
} PEM_USER;
|
||||||
|
|
||||||
typedef struct pem_ctx_st
|
typedef struct pem_ctx_st
|
||||||
@@ -165,7 +165,8 @@ typedef struct pem_ctx_st
|
|||||||
|
|
||||||
struct {
|
struct {
|
||||||
int cipher;
|
int cipher;
|
||||||
unsigned char iv[8];
|
/* unused, and wrong size
|
||||||
|
unsigned char iv[8]; */
|
||||||
} DEK_info;
|
} DEK_info;
|
||||||
|
|
||||||
PEM_USER *originator;
|
PEM_USER *originator;
|
||||||
@@ -187,7 +188,8 @@ typedef struct pem_ctx_st
|
|||||||
EVP_CIPHER *dec; /* date encryption cipher */
|
EVP_CIPHER *dec; /* date encryption cipher */
|
||||||
int key_len; /* key length */
|
int key_len; /* key length */
|
||||||
unsigned char *key; /* key */
|
unsigned char *key; /* key */
|
||||||
unsigned char iv[8]; /* the iv */
|
/* unused, and wrong size
|
||||||
|
unsigned char iv[8]; */
|
||||||
|
|
||||||
|
|
||||||
int data_enc; /* is the data encrypted */
|
int data_enc; /* is the data encrypted */
|
||||||
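Review bot: The `iv[8]` members of `PEM_USER` and `pem_ctx_st` are commented out rather than deleted, which leaves dead declarations in the header and still changes the size and layout of both structs for any code compiled against the old definition. If these types are part of the installed API (this looks like a public header, though the file name is not visible here), the change deserves a line in CHANGES; otherwise I would delete the members outright and keep the reason in the commit message. The comment "wrong size" would be more useful if it named the right bound, e.g. `/* iv removed: was 8 bytes, IVs can be up to EVP_MAX_IV_LENGTH */`. The same pattern is used for `CBC_PARAM` and `KSSL_ERR` in later sections; for `KSSL_ERR`, please confirm with a Kerberos-enabled build that nothing still refers to the type.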
|
@@ -324,6 +324,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* create the right magic header stuff */
|
/* create the right magic header stuff */
|
||||||
|
OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
|
||||||
buf[0]='\0';
|
buf[0]='\0';
|
||||||
PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
|
PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
|
||||||
PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
|
PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
|
||||||
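Review bot: The new `OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf)` introduces the bare constants 23 and 13 with no explanation, in a commit whose stated aims include replacing magic numbers. They presumably stand for the fixed text that `PEM_proc_type` and `PEM_dek_info` append, so a comment such as `/* 23: Proc-Type line, 13: DEK-Info label, separator, newline and NUL - confirm */` would let a reader check the bound against those functions. Since CHANGES describes `OPENSSL_assert()` as enabled unconditionally, a failure here presumably aborts the calling process; if `objstr` depends on the cipher a caller supplies, returning through the existing error path would be gentler. The identical assertion is added in `PEM_ASN1_write_bio`, and `sizeof buf` is only a valid bound if `buf` is an array, which is declared outside both hunks.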
|
@@ -138,7 +138,7 @@ void PEM_proc_type(char *buf, int type)
|
|||||||
|
|
||||||
void PEM_dek_info(char *buf, const char *type, int len, char *str)
|
void PEM_dek_info(char *buf, const char *type, int len, char *str)
|
||||||
{
|
{
|
||||||
static unsigned char map[17]="0123456789ABCDEF";
|
static const unsigned char map[17]="0123456789ABCDEF";
|
||||||
long i;
|
long i;
|
||||||
int j;
|
int j;
|
||||||
|
|
||||||
@@ -304,6 +304,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* dzise + 8 bytes are needed */
|
/* dzise + 8 bytes are needed */
|
||||||
|
// actually it needs the cipher block size extra...
|
||||||
data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
|
data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20);
|
||||||
if (data == NULL)
|
if (data == NULL)
|
||||||
{
|
{
|
||||||
@@ -333,6 +334,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
|
|||||||
kstr=(unsigned char *)buf;
|
kstr=(unsigned char *)buf;
|
||||||
}
|
}
|
||||||
RAND_add(data,i,0);/* put in the RSA key. */
|
RAND_add(data,i,0);/* put in the RSA key. */
|
||||||
|
OPENSSL_assert(enc->iv_len <= sizeof iv);
|
||||||
if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
|
if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
|
||||||
goto err;
|
goto err;
|
||||||
/* The 'iv' is used as the iv and as a salt. It is
|
/* The 'iv' is used as the iv and as a salt. It is
|
||||||
@@ -341,6 +343,8 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
|
|||||||
|
|
||||||
if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
|
if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
|
||||||
|
|
||||||
|
OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
|
||||||
|
|
||||||
buf[0]='\0';
|
buf[0]='\0';
|
||||||
PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
|
PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
|
||||||
PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
|
PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
|
||||||
@@ -691,7 +695,7 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
|
|||||||
if (strncmp(buf,"-----END ",9) == 0)
|
if (strncmp(buf,"-----END ",9) == 0)
|
||||||
break;
|
break;
|
||||||
if (i > 65) break;
|
if (i > 65) break;
|
||||||
if (!BUF_MEM_grow(dataB,i+bl+9))
|
if (!BUF_MEM_grow_clean(dataB,i+bl+9))
|
||||||
{
|
{
|
||||||
PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
|
PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
|
||||||
goto err;
|
goto err;
|
||||||
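Review bot: The added line `// actually it needs the cipher block size extra...` in `PEM_ASN1_write_bio` says the allocation is too small but leaves `OPENSSL_malloc((unsigned int)dsize+20)` unchanged, so the concern it records is not addressed by this commit. If the encrypted output can grow by a full cipher block, the size should be derived from the cipher's block size (or a documented maximum) rather than the fixed 20, and the older `/* dzise + 8 bytes are needed */` comment should be corrected at the same time. The `//` form is also out of step with the `/* */` comments used everywhere else on this page and is rejected by strict C89 compilers; `/* actually it needs the cipher block size extra... */` avoids that. The function body starts and ends outside these hunks.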
|
@@ -578,7 +578,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
|||||||
/* We now have the EVP_MD_CTX, lets do the
|
/* We now have the EVP_MD_CTX, lets do the
|
||||||
* signing. */
|
* signing. */
|
||||||
EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
|
EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
|
||||||
if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
|
if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey)))
|
||||||
{
|
{
|
||||||
PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
|
PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
|
@@ -143,7 +143,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
|
|||||||
|
|
||||||
memset(&addr, 0, sizeof(addr));
|
memset(&addr, 0, sizeof(addr));
|
||||||
addr.sun_family = AF_UNIX;
|
addr.sun_family = AF_UNIX;
|
||||||
if (strlen(path) > sizeof(addr.sun_path))
|
if (strlen(path) >= sizeof(addr.sun_path))
|
||||||
return (-1);
|
return (-1);
|
||||||
strcpy(addr.sun_path,path);
|
strcpy(addr.sun_path,path);
|
||||||
len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
|
len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
|
||||||
|
@@ -203,8 +203,9 @@ const char *RAND_file_name(char *buf, size_t size)
|
|||||||
s=getenv("RANDFILE");
|
s=getenv("RANDFILE");
|
||||||
if (s != NULL)
|
if (s != NULL)
|
||||||
{
|
{
|
||||||
strncpy(buf,s,size-1);
|
if(strlen(s) >= size)
|
||||||
buf[size-1]='\0';
|
return NULL;
|
||||||
|
strcpy(buf,s);
|
||||||
ret=buf;
|
ret=buf;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
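Review bot: `RAND_file_name` now returns NULL when `RANDFILE` does not fit in `buf`, where it used to return a truncated name, so every caller has to cope with a NULL result from this branch. The callers are not on this page; any that pass the return value straight to a file-open call or to `strlen` need a check, and the function's documentation should say that NULL means the name did not fit. A short comment at the new test would help, e.g. `/* refuse rather than truncate: a shortened path could name a different file */`. The rest of the function, including the `else` branch, lies outside the hunk.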
|
@@ -108,7 +108,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
|
|||||||
if (offset != 0)
|
if (offset != 0)
|
||||||
{
|
{
|
||||||
size+=BUFSIZE;
|
size+=BUFSIZE;
|
||||||
if (!BUF_MEM_grow(buf,size)) goto err;
|
if (!BUF_MEM_grow_clean(buf,size)) goto err;
|
||||||
}
|
}
|
||||||
buf->data[offset]='\0';
|
buf->data[offset]='\0';
|
||||||
BIO_gets(in,&(buf->data[offset]),size-offset);
|
BIO_gets(in,&(buf->data[offset]),size-offset);
|
||||||
@@ -268,7 +268,7 @@ long TXT_DB_write(BIO *out, TXT_DB *db)
|
|||||||
if (pp[j] != NULL)
|
if (pp[j] != NULL)
|
||||||
l+=strlen(pp[j]);
|
l+=strlen(pp[j]);
|
||||||
}
|
}
|
||||||
if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err;
|
if (!BUF_MEM_grow_clean(buf,(int)(l*2+nn))) goto err;
|
||||||
|
|
||||||
p=buf->data;
|
p=buf->data;
|
||||||
for (j=0; j<nn; j++)
|
for (j=0; j<nn; j++)
|
||||||
|
@@ -95,13 +95,13 @@ ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
|
|||||||
ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||||
ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||||
ui_err.o: ../../include/openssl/ui.h ui_err.c
|
ui_err.o: ../../include/openssl/ui.h ui_err.c
|
||||||
ui_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
|
ui_lib.o: ../../e_os.h ../../include/openssl/bio.h
|
||||||
ui_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
|
ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||||
ui_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
|
ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||||
ui_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
|
||||||
ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||||
ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_lib.c
|
ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||||
ui_lib.o: ui_locl.h
|
ui_lib.o: ../../include/openssl/ui.h ../cryptlib.h ui_lib.c ui_locl.h
|
||||||
ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
|
ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
|
||||||
ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||||
ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||||
|
@@ -62,6 +62,7 @@
|
|||||||
#include <openssl/ui.h>
|
#include <openssl/ui.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include "ui_locl.h"
|
#include "ui_locl.h"
|
||||||
|
#include "cryptlib.h"
|
||||||
|
|
||||||
IMPLEMENT_STACK_OF(UI_STRING_ST)
|
IMPLEMENT_STACK_OF(UI_STRING_ST)
|
||||||
|
|
||||||
@@ -831,8 +832,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
|
|||||||
case UIT_PROMPT:
|
case UIT_PROMPT:
|
||||||
case UIT_VERIFY:
|
case UIT_VERIFY:
|
||||||
{
|
{
|
||||||
char number1[20];
|
char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize)+1];
|
||||||
char number2[20];
|
char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize)+1];
|
||||||
|
|
||||||
BIO_snprintf(number1, sizeof(number1), "%d",
|
BIO_snprintf(number1, sizeof(number1), "%d",
|
||||||
uis->_.string_data.result_minsize);
|
uis->_.string_data.result_minsize);
|
||||||
|
@@ -486,10 +486,12 @@ typedef struct Netscape_certificate_sequence
|
|||||||
STACK_OF(X509) *certs;
|
STACK_OF(X509) *certs;
|
||||||
} NETSCAPE_CERT_SEQUENCE;
|
} NETSCAPE_CERT_SEQUENCE;
|
||||||
|
|
||||||
|
/* Unused (and iv length is wrong)
|
||||||
typedef struct CBCParameter_st
|
typedef struct CBCParameter_st
|
||||||
{
|
{
|
||||||
unsigned char iv[8];
|
unsigned char iv[8];
|
||||||
} CBC_PARAM;
|
} CBC_PARAM;
|
||||||
|
*/
|
||||||
|
|
||||||
/* Password based encryption structure */
|
/* Password based encryption structure */
|
||||||
|
|
||||||
|
@@ -57,6 +57,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include <ctype.h>
|
||||||
#include "cryptlib.h"
|
#include "cryptlib.h"
|
||||||
#include <openssl/asn1.h>
|
#include <openssl/asn1.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
@@ -81,13 +82,14 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
|
|||||||
unsigned long ret=0;
|
unsigned long ret=0;
|
||||||
EVP_MD_CTX ctx;
|
EVP_MD_CTX ctx;
|
||||||
unsigned char md[16];
|
unsigned char md[16];
|
||||||
char str[256];
|
char *f;
|
||||||
|
|
||||||
EVP_MD_CTX_init(&ctx);
|
EVP_MD_CTX_init(&ctx);
|
||||||
X509_NAME_oneline(a->cert_info->issuer,str,256);
|
f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
|
||||||
ret=strlen(str);
|
ret=strlen(f);
|
||||||
EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
|
EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
|
||||||
EVP_DigestUpdate(&ctx,(unsigned char *)str,ret);
|
EVP_DigestUpdate(&ctx,(unsigned char *)f,ret);
|
||||||
|
OPENSSL_free(f);
|
||||||
EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
|
EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
|
||||||
(unsigned long)a->cert_info->serialNumber->length);
|
(unsigned long)a->cert_info->serialNumber->length);
|
||||||
EVP_DigestFinal_ex(&ctx,&(md[0]),NULL);
|
EVP_DigestFinal_ex(&ctx,&(md[0]),NULL);
|
||||||
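Review bot: In `X509_issuer_and_serial_hash`, the result of `X509_NAME_oneline(a->cert_info->issuer,NULL,0)` is passed to `strlen(f)` without a NULL check. With a NULL buffer the function has to allocate the string it returns, so an allocation failure would now become a NULL dereference, where the old fixed `str[256]` could not fail this way. I would add `if (f == NULL) goto err;` (or whatever cleanup path the function has; its end is outside the hunk) before `ret=strlen(f);`, making sure `ctx` is still cleaned up on that path.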
|
@@ -113,7 +113,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method
|
|||||||
ret = i2v_GENERAL_NAME(method, desc->location, ret);
|
ret = i2v_GENERAL_NAME(method, desc->location, ret);
|
||||||
if(!ret) break;
|
if(!ret) break;
|
||||||
vtmp = sk_CONF_VALUE_value(ret, i);
|
vtmp = sk_CONF_VALUE_value(ret, i);
|
||||||
i2t_ASN1_OBJECT(objtmp, 80, desc->method);
|
i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
|
||||||
ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
|
ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
|
||||||
if(!ntmp) {
|
if(!ntmp) {
|
||||||
X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
|
X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
|
||||||
|
@@ -83,7 +83,6 @@ char **argv;
|
|||||||
unsigned char *buff=NULL,*bufsize=NULL;
|
unsigned char *buff=NULL,*bufsize=NULL;
|
||||||
int bsize=BSIZE,verbose=0;
|
int bsize=BSIZE,verbose=0;
|
||||||
int ret=1,inl;
|
int ret=1,inl;
|
||||||
unsigned char key[24],iv[MD5_DIGEST_LENGTH];
|
|
||||||
char *str=NULL;
|
char *str=NULL;
|
||||||
char *hkey=NULL,*hiv=NULL;
|
char *hkey=NULL,*hiv=NULL;
|
||||||
int enc=1,printkey=0,i,base64=0;
|
int enc=1,printkey=0,i,base64=0;
|
||||||
@@ -92,7 +91,6 @@ char **argv;
|
|||||||
char *inf=NULL,*outf=NULL;
|
char *inf=NULL,*outf=NULL;
|
||||||
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
|
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
|
||||||
#define PROG_NAME_SIZE 39
|
#define PROG_NAME_SIZE 39
|
||||||
char pname[PROG_NAME_SIZE+1];
|
|
||||||
|
|
||||||
|
|
||||||
apps_startup();
|
apps_startup();
|
||||||
|
@@ -65,7 +65,8 @@ char *argv[];
|
|||||||
|
|
||||||
fprintf(stderr,"please enter challenge string:");
|
fprintf(stderr,"please enter challenge string:");
|
||||||
fflush(stderr);
|
fflush(stderr);
|
||||||
fgets(buf,120,stdin);
|
buf[0]='\0';
|
||||||
|
fgets(buf,sizeof buf,stdin);
|
||||||
i=strlen(buf);
|
i=strlen(buf);
|
||||||
if (i > 0) buf[--i]='\0';
|
if (i > 0) buf[--i]='\0';
|
||||||
if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge,
|
if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge,
|
||||||
|
155
ssl/Makefile.ssl
155
ssl/Makefile.ssl
@@ -307,31 +307,32 @@ s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
|||||||
s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
||||||
s2_clnt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
s2_clnt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
||||||
s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
|
s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
|
||||||
s2_enc.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
s2_enc.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
||||||
s2_enc.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
s2_enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||||
s2_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
s2_enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
||||||
s2_enc.o: ../include/openssl/cast.h ../include/openssl/comp.h
|
s2_enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
|
||||||
s2_enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
|
s2_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h
|
||||||
s2_enc.o: ../include/openssl/des_old.h ../include/openssl/dh.h
|
s2_enc.o: ../include/openssl/des.h ../include/openssl/des_old.h
|
||||||
s2_enc.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
|
s2_enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
|
||||||
s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
|
s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
|
||||||
s2_enc.o: ../include/openssl/idea.h ../include/openssl/kssl.h
|
s2_enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
|
||||||
s2_enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
|
s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
|
||||||
s2_enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
|
s2_enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
|
||||||
s2_enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
|
s2_enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
|
||||||
s2_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
||||||
s2_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
||||||
s2_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
|
s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
|
||||||
s2_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
|
s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
|
||||||
s2_enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
|
s2_enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
|
||||||
s2_enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
|
s2_enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
|
||||||
s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
|
s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
|
||||||
s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
|
s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
|
||||||
s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
|
s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
|
||||||
s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
|
||||||
s2_enc.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
|
||||||
s2_enc.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
s2_enc.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
|
||||||
s2_enc.o: ../include/openssl/x509_vfy.h s2_enc.c ssl_locl.h
|
s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
|
||||||
|
s2_enc.o: ssl_locl.h
|
||||||
s2_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
s2_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
||||||
s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
s2_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||||
s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
s2_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
||||||
@@ -383,31 +384,32 @@ s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
|||||||
s2_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
s2_meth.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
||||||
s2_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
s2_meth.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
||||||
s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h
|
s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h
|
||||||
s2_pkt.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
s2_pkt.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
||||||
s2_pkt.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
s2_pkt.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||||
s2_pkt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
s2_pkt.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
||||||
s2_pkt.o: ../include/openssl/cast.h ../include/openssl/comp.h
|
s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/cast.h
|
||||||
s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/des.h
|
s2_pkt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
|
||||||
s2_pkt.o: ../include/openssl/des_old.h ../include/openssl/dh.h
|
s2_pkt.o: ../include/openssl/des.h ../include/openssl/des_old.h
|
||||||
s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
|
s2_pkt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
|
||||||
s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
|
s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
|
||||||
s2_pkt.o: ../include/openssl/idea.h ../include/openssl/kssl.h
|
s2_pkt.o: ../include/openssl/evp.h ../include/openssl/idea.h
|
||||||
s2_pkt.o: ../include/openssl/lhash.h ../include/openssl/md2.h
|
s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
|
||||||
s2_pkt.o: ../include/openssl/md4.h ../include/openssl/md5.h
|
s2_pkt.o: ../include/openssl/md2.h ../include/openssl/md4.h
|
||||||
s2_pkt.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
|
s2_pkt.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
|
||||||
s2_pkt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
||||||
s2_pkt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
||||||
s2_pkt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
|
s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
|
||||||
s2_pkt.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
|
s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
|
||||||
s2_pkt.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
|
s2_pkt.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
|
||||||
s2_pkt.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
|
s2_pkt.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
|
||||||
s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
|
s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
|
||||||
s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
|
s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
|
||||||
s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
|
s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
|
||||||
s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
|
||||||
s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
|
||||||
s2_pkt.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
s2_pkt.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
|
||||||
s2_pkt.o: ../include/openssl/x509_vfy.h s2_pkt.c ssl_locl.h
|
s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
|
||||||
|
s2_pkt.o: ssl_locl.h
|
||||||
s2_srvr.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
s2_srvr.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
||||||
s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
s2_srvr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||||
s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
s2_srvr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
||||||
@@ -765,32 +767,33 @@ ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
|||||||
ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
||||||
ssl_err2.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
ssl_err2.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
||||||
ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c
|
ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c
|
||||||
ssl_lib.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
ssl_lib.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/aes.h
|
||||||
ssl_lib.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
ssl_lib.o: ../include/openssl/asn1.h ../include/openssl/bio.h
|
||||||
ssl_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
ssl_lib.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
|
||||||
ssl_lib.o: ../include/openssl/cast.h ../include/openssl/comp.h
|
ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/cast.h
|
||||||
ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
|
ssl_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h
|
||||||
ssl_lib.o: ../include/openssl/des.h ../include/openssl/des_old.h
|
ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/des.h
|
||||||
ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
|
ssl_lib.o: ../include/openssl/des_old.h ../include/openssl/dh.h
|
||||||
ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
|
ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
|
||||||
ssl_lib.o: ../include/openssl/evp.h ../include/openssl/idea.h
|
ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
|
||||||
ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
|
ssl_lib.o: ../include/openssl/idea.h ../include/openssl/kssl.h
|
||||||
ssl_lib.o: ../include/openssl/md2.h ../include/openssl/md4.h
|
ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/md2.h
|
||||||
ssl_lib.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
|
ssl_lib.o: ../include/openssl/md4.h ../include/openssl/md5.h
|
||||||
ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
|
ssl_lib.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
|
||||||
ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
|
ssl_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
|
||||||
ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
|
ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
|
||||||
ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
|
ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
|
||||||
ssl_lib.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
|
ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
|
||||||
ssl_lib.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
|
ssl_lib.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
|
||||||
ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
|
ssl_lib.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
|
||||||
ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
|
ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
|
||||||
ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
|
ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
|
||||||
ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
|
ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
|
||||||
ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
|
ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
||||||
ssl_lib.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
|
ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/ui.h
|
||||||
ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
|
ssl_lib.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
|
||||||
ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
|
ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h
|
||||||
|
ssl_lib.o: ssl_lib.c ssl_locl.h
|
||||||
ssl_rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
ssl_rsa.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
|
||||||
ssl_rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
ssl_rsa.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
|
||||||
ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
|
||||||
|
20
ssl/kssl.c
20
ssl/kssl.c
@@ -783,24 +783,6 @@ char
|
|||||||
return ((string == NULL)? null: string);
|
return ((string == NULL)? null: string);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define MAXKNUM 255
|
|
||||||
char
|
|
||||||
*knumber(int len, krb5_octet *contents)
|
|
||||||
{
|
|
||||||
static char buf[MAXKNUM+1];
|
|
||||||
int i;
|
|
||||||
|
|
||||||
BIO_snprintf(buf, MAXKNUM, "[%d] ", len);
|
|
||||||
|
|
||||||
for (i=0; i < len && MAXKNUM > strlen(buf)+3; i++)
|
|
||||||
{
|
|
||||||
BIO_snprintf(&buf[strlen(buf)], 3, "%02x", contents[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
return (buf);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/* Given KRB5 enctype (basically DES or 3DES),
|
/* Given KRB5 enctype (basically DES or 3DES),
|
||||||
** return closest match openssl EVP_ encryption algorithm.
|
** return closest match openssl EVP_ encryption algorithm.
|
||||||
** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.
|
** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.
|
||||||
@@ -2037,7 +2019,7 @@ krb5_error_code kssl_check_authent(
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
enc = kssl_map_enc(enctype);
|
enc = kssl_map_enc(enctype);
|
||||||
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
|
memset(iv, 0, sizeof iv); /* per RFC 1510 */
|
||||||
|
|
||||||
if (enc == NULL)
|
if (enc == NULL)
|
||||||
{
|
{
|
||||||
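Review bot: In the kssl_check_authent hunk, `memset(iv, 0, sizeof iv);` clears the whole IV only if `iv` is an array declared in this function; the declaration is outside the hunk, and if `iv` were a pointer or a parameter, `sizeof iv` would be the pointer size and the tail of the IV would keep stale bytes. The change is right for a declaration of the form `unsigned char iv[EVP_MAX_IV_LENGTH];`, so that should be confirmed against the full function. A short comment at the call, `/* iv is a local array, so sizeof covers all of it */`, would keep a later refactor from silently breaking the zero-IV requirement noted as "per RFC 1510".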
|
@@ -110,12 +110,13 @@ typedef unsigned char krb5_octet;
|
|||||||
#define KSSL_CLOCKSKEW 300;
|
#define KSSL_CLOCKSKEW 300;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Unused
|
||||||
#define KSSL_ERR_MAX 255
|
#define KSSL_ERR_MAX 255
|
||||||
typedef struct kssl_err_st {
|
typedef struct kssl_err_st {
|
||||||
int reason;
|
int reason;
|
||||||
char text[KSSL_ERR_MAX+1];
|
char text[KSSL_ERR_MAX+1];
|
||||||
} KSSL_ERR;
|
} KSSL_ERR;
|
||||||
|
*/
|
||||||
|
|
||||||
/* Context for passing
|
/* Context for passing
|
||||||
** (1) Kerberos session key to SSL, and
|
** (1) Kerberos session key to SSL, and
|
||||||
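Review bot: The KSSL_ERR definitions are disabled by wrapping them in a block comment (`/* Unused` … `*/`), which is fragile in a header because C block comments do not nest: any `/* … */` later added inside the struct would end the disabled region early and expose half a declaration. If the type really is unused, deleting it is cleaner; otherwise `#if 0` / `#endif` states the intent without that hazard. Whether other translation units or external callers still reference KSSL_ERR or KSSL_ERR_MAX cannot be seen from this hunk and should be checked before the header ships.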
|
@@ -370,7 +370,7 @@ static int ssl23_get_server_hello(SSL *s)
|
|||||||
|
|
||||||
if (s->s3 != NULL) ssl3_free(s);
|
if (s->s3 != NULL) ssl3_free(s);
|
||||||
|
|
||||||
if (!BUF_MEM_grow(s->init_buf,
|
if (!BUF_MEM_grow_clean(s->init_buf,
|
||||||
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
|
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
|
SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
|
||||||
|
@@ -512,7 +512,7 @@ int ssl23_get_client_hello(SSL *s)
|
|||||||
|
|
||||||
if (s->s3 != NULL) ssl3_free(s);
|
if (s->s3 != NULL) ssl3_free(s);
|
||||||
|
|
||||||
if (!BUF_MEM_grow(s->init_buf,
|
if (!BUF_MEM_grow_clean(s->init_buf,
|
||||||
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
|
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
|
||||||
{
|
{
|
||||||
goto err;
|
goto err;
|
||||||
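Review bot: In ssl23_get_client_hello the failure branch of `BUF_MEM_grow_clean(s->init_buf, SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)` goes straight to `goto err;` without queueing an error, whereas the matching branch in ssl23_get_server_hello calls `SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);`. An allocation failure during the handshake is then reported to the caller with an empty error queue, unless the `err` label, which is outside the hunk, adds one. I would add `SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_BUF_LIB);` before the `goto` so both sides of the handshake report the failure the same way.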
|
@@ -871,7 +871,7 @@ static int client_certificate(SSL *s)
|
|||||||
EVP_MD_CTX_init(&ctx);
|
EVP_MD_CTX_init(&ctx);
|
||||||
EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL);
|
EVP_SignInit_ex(&ctx,s->ctx->rsa_md5, NULL);
|
||||||
EVP_SignUpdate(&ctx,s->s2->key_material,
|
EVP_SignUpdate(&ctx,s->s2->key_material,
|
||||||
(unsigned int)s->s2->key_material_length);
|
s->s2->key_material_length);
|
||||||
EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
|
EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
|
||||||
n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
|
n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
|
||||||
EVP_SignUpdate(&ctx,buf,(unsigned int)n);
|
EVP_SignUpdate(&ctx,buf,(unsigned int)n);
|
||||||
@@ -945,7 +945,7 @@ static int get_server_verify(SSL *s)
|
|||||||
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
|
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
|
||||||
p += 1;
|
p += 1;
|
||||||
|
|
||||||
if (memcmp(p,s->s2->challenge,(unsigned int)s->s2->challenge_length) != 0)
|
if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
|
||||||
{
|
{
|
||||||
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
|
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
|
||||||
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
|
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
|
||||||
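Review bot: In the client_certificate hunk the result of `n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);` is passed to EVP_SignUpdate as `(unsigned int)n` with no check in between; i2d_X509 signals failure with a negative value, which the cast turns into a very large length. The hunk drops the cast on `key_material_length` but keeps this one, so the sign conversion stays hidden. A guard such as `if (n <= 0)` leading to the function's error exit, placed before that EVP_SignUpdate call, would close it; the error exit and the size of `buf` are outside the hunk, so the exact exit and an upper bound against `buf` have to come from the full function. The same unchecked `n=i2d_X509(x,NULL);` feeds the size expression `(int)(n+l+3)` in the two later ssl3_output_cert_chain hunks.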
|
@@ -59,6 +59,7 @@
|
|||||||
#include "ssl_locl.h"
|
#include "ssl_locl.h"
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#ifndef OPENSSL_NO_SSL2
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include "cryptlib.h"
|
||||||
|
|
||||||
int ssl2_enc_init(SSL *s, int client)
|
int ssl2_enc_init(SSL *s, int client)
|
||||||
{
|
{
|
||||||
@@ -95,10 +96,12 @@ int ssl2_enc_init(SSL *s, int client)
|
|||||||
|
|
||||||
num=c->key_len;
|
num=c->key_len;
|
||||||
s->s2->key_material_length=num*2;
|
s->s2->key_material_length=num*2;
|
||||||
|
OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
|
||||||
|
|
||||||
if (ssl2_generate_key_material(s) <= 0)
|
if (ssl2_generate_key_material(s) <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
OPENSSL_assert(c->iv_len <= sizeof s->session->key_arg);
|
||||||
EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
|
EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
|
||||||
s->session->key_arg);
|
s->session->key_arg);
|
||||||
EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
|
EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
|
||||||
|
@@ -454,6 +454,9 @@ int ssl2_generate_key_material(SSL *s)
|
|||||||
|
|
||||||
EVP_DigestInit_ex(&ctx, md5, NULL);
|
EVP_DigestInit_ex(&ctx, md5, NULL);
|
||||||
|
|
||||||
|
OPENSSL_assert(s->session->master_key_length >= 0
|
||||||
|
&& s->session->master_key_length
|
||||||
|
< sizeof s->session->master_key);
|
||||||
EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
|
EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
|
||||||
EVP_DigestUpdate(&ctx,&c,1);
|
EVP_DigestUpdate(&ctx,&c,1);
|
||||||
c++;
|
c++;
|
||||||
@@ -492,9 +495,7 @@ void ssl2_write_error(SSL *s)
|
|||||||
|
|
||||||
error=s->error; /* number of bytes left to write */
|
error=s->error; /* number of bytes left to write */
|
||||||
s->error=0;
|
s->error=0;
|
||||||
if (error < 0 || error > sizeof buf) /* can't happen */
|
OPENSSL_assert(error >= 0 && error <= sizeof buf);
|
||||||
return;
|
|
||||||
|
|
||||||
i=ssl2_write(s,&(buf[3-error]),error);
|
i=ssl2_write(s,&(buf[3-error]),error);
|
||||||
|
|
||||||
/* if (i == error) s->rwstate=state; */
|
/* if (i == error) s->rwstate=state; */
|
||||||
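Review bot: In ssl2_write_error the early `return` on an out-of-range `error` is replaced by `OPENSSL_assert(error >= 0 && error <= sizeof buf);`, and the CHANGES entry describes that macro as like assert() but always enabled, so a bad value presumably now stops the whole process instead of abandoning one write. If `s->error` can ever be influenced by the peer or by a retry path (not visible in this hunk), that becomes a denial of service for every connection the process serves. I would keep the guard as a failure return, `if (error < 0 || error > (int)sizeof buf) return;`, and add a diagnostic before it if the condition needs to be noticed. The asserts added in ssl2_enc_init, ssl2_generate_key_material and ssl2_read_internal carry the same trade-off; ssl2_enc_init already has a `return 0` failure path it could use.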
|
@@ -113,6 +113,7 @@
|
|||||||
#ifndef OPENSSL_NO_SSL2
|
#ifndef OPENSSL_NO_SSL2
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
#include "cryptlib.h"
|
||||||
#define USE_SOCKETS
|
#define USE_SOCKETS
|
||||||
|
|
||||||
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
|
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
|
||||||
@@ -247,6 +248,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
mac_size=EVP_MD_size(s->read_hash);
|
mac_size=EVP_MD_size(s->read_hash);
|
||||||
|
OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
|
||||||
s->s2->mac_data=p;
|
s->s2->mac_data=p;
|
||||||
s->s2->ract_data= &p[mac_size];
|
s->s2->ract_data= &p[mac_size];
|
||||||
if (s->s2->padding + mac_size > s->s2->rlength)
|
if (s->s2->padding + mac_size > s->s2->rlength)
|
||||||
|
@@ -876,7 +876,7 @@ static int get_client_finished(SSL *s)
|
|||||||
if (s->msg_callback)
|
if (s->msg_callback)
|
||||||
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
|
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-FINISHED */
|
||||||
p += 1;
|
p += 1;
|
||||||
if (memcmp(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length) != 0)
|
if (memcmp(p,s->s2->conn_id,s->s2->conn_id_length) != 0)
|
||||||
{
|
{
|
||||||
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
|
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
|
||||||
SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
|
SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
|
||||||
@@ -1076,7 +1076,7 @@ static int request_certificate(SSL *s)
|
|||||||
EVP_MD_CTX_init(&ctx);
|
EVP_MD_CTX_init(&ctx);
|
||||||
EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
|
EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
|
||||||
EVP_VerifyUpdate(&ctx,s->s2->key_material,
|
EVP_VerifyUpdate(&ctx,s->s2->key_material,
|
||||||
(unsigned int)s->s2->key_material_length);
|
s->s2->key_material_length);
|
||||||
EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
|
EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
|
||||||
|
|
||||||
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
|
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
|
||||||
|
@@ -270,7 +270,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
|
|||||||
|
|
||||||
/* TLSv1 sends a chain with nothing in it, instead of an alert */
|
/* TLSv1 sends a chain with nothing in it, instead of an alert */
|
||||||
buf=s->init_buf;
|
buf=s->init_buf;
|
||||||
if (!BUF_MEM_grow(buf,(int)(10)))
|
if (!BUF_MEM_grow_clean(buf,10))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
|
SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
|
||||||
return(0);
|
return(0);
|
||||||
@@ -286,7 +286,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
|
|||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
n=i2d_X509(x,NULL);
|
n=i2d_X509(x,NULL);
|
||||||
if (!BUF_MEM_grow(buf,(int)(n+l+3)))
|
if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
|
SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
|
||||||
return(0);
|
return(0);
|
||||||
@@ -316,7 +316,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
|
|||||||
{
|
{
|
||||||
x=sk_X509_value(s->ctx->extra_certs,i);
|
x=sk_X509_value(s->ctx->extra_certs,i);
|
||||||
n=i2d_X509(x,NULL);
|
n=i2d_X509(x,NULL);
|
||||||
if (!BUF_MEM_grow(buf,(int)(n+l+3)))
|
if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
|
SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
|
||||||
return(0);
|
return(0);
|
||||||
@@ -439,7 +439,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
|
|||||||
SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
|
SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
if (l && !BUF_MEM_grow(s->init_buf,(int)l+4))
|
if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
|
SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
|