Merge in recent changes from OpenSSL_0_9_6-stable.
This commit is contained in:
Richard Levitte
parent
6c2650a6fc
commit
b5b000d77e
@ -664,7 +664,7 @@ install: all install_docs
|
||||
( echo installing $$i; \
|
||||
if [ "$(PLATFORM)" != "Cygwin" ]; then \
|
||||
cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
|
||||
chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
|
||||
else \
|
||||
c=`echo $$i | sed 's/^lib/cyg/'`; \
|
||||
cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
|
||||
|
||||
4
TABLE
4
TABLE
@ -1106,7 +1106,7 @@ $ranlib =
|
||||
|
||||
*** darwin-ppc-cc
|
||||
$cc = cc
|
||||
$cflags = -O3 -D_DARWIN -DB_ENDIAN
|
||||
$cflags = -O3 -D_DARWIN -DB_ENDIAN -fno-common
|
||||
$unistd =
|
||||
$thread_cflag = -D_REENTRANT
|
||||
$lflags =
|
||||
@ -3124,7 +3124,7 @@ $rc5_obj =
|
||||
$dso_scheme = dlfcn
|
||||
$shared_target= solaris-shared
|
||||
$shared_cflag = -fPIC
|
||||
$shared_ldflag =
|
||||
$shared_ldflag = -m64
|
||||
$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
|
||||
$ranlib =
|
||||
|
||||
|
||||
@ -764,7 +764,7 @@ int set_name_ex(unsigned long *flags, const char *arg)
|
||||
|
||||
void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
|
||||
{
|
||||
char buf[256];
|
||||
char *buf;
|
||||
char mline = 0;
|
||||
int indent = 0;
|
||||
if(title) BIO_puts(out, title);
|
||||
@ -773,9 +773,10 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
|
||||
indent = 4;
|
||||
}
|
||||
if(lflags == XN_FLAG_COMPAT) {
|
||||
X509_NAME_oneline(nm,buf,256);
|
||||
BIO_puts(out,buf);
|
||||
buf = X509_NAME_oneline(nm, 0, 0);
|
||||
BIO_puts(out, buf);
|
||||
BIO_puts(out, "\n");
|
||||
OPENSSL_free(buf);
|
||||
} else {
|
||||
if(mline) BIO_puts(out, "\n");
|
||||
X509_NAME_print_ex(out, nm, indent, lflags);
|
||||
|
||||
@ -37,25 +37,6 @@ and public exponent elements populated. It performs integrity checks on all
|
||||
the RSA key material, so the RSA key structure must contain all the private
|
||||
key data too.
|
||||
|
||||
Unlike most other RSA functions, this function does B<not> work
|
||||
transparently with any underlying ENGINE implementation because it uses the
|
||||
key data in the RSA structure directly. An ENGINE implementation can
|
||||
override the way key data is stored and handled, and can even provide
|
||||
support for HSM keys - in which case the RSA structure may contain B<no>
|
||||
key data at all! If the ENGINE in question is only being used for
|
||||
acceleration or analysis purposes, then in all likelihood the RSA key data
|
||||
is complete and untouched, but this can't be assumed in the general case.
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
A method of verifying the RSA key using opaque RSA API functions might need
|
||||
to be considered. Right now RSA_check_key() simply uses the RSA structure
|
||||
elements directly, bypassing the RSA_METHOD table altogether (and
|
||||
completely violating encapsulation and object-orientation in the process).
|
||||
The best fix will probably be to introduce a "check_key()" handler to the
|
||||
RSA_METHOD function table so that alternative implementations can also
|
||||
provide their own verifiers.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<rsa(3)|rsa(3)>, L<err(3)|err(3)>
|
||||
|
||||
@ -69,6 +69,7 @@ to find out the reason.
|
||||
L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
|
||||
L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
|
||||
L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
|
||||
L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
|
||||
L<SSL_CTX_new(3)|SSL_CTX_new(3)>
|
||||
|
||||
=cut
|
||||
|
||||
@ -66,6 +66,7 @@ to find out the reason.
|
||||
L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_accept(3)|SSL_accept(3)>,
|
||||
L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
|
||||
L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
|
||||
L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
|
||||
L<SSL_CTX_new(3)|SSL_CTX_new(3)>
|
||||
|
||||
=cut
|
||||
|
||||
@ -49,6 +49,7 @@ information.
|
||||
L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
|
||||
L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
|
||||
L<SSL_write(3)|SSL_write(3)>, L<SSL_read(3)|SSL_read(3)>,
|
||||
L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
|
||||
L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>
|
||||
|
||||
=cut
|
||||
|
||||
@ -65,6 +65,9 @@ When an SSL_write() operation has to be repeated because of
|
||||
B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
|
||||
with the same arguments.
|
||||
|
||||
When calling SSL_write() with num=0 bytes to be sent the behaviour is
|
||||
undefined.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
The following return values can occur:
|
||||
|
||||
@ -682,6 +682,7 @@ L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
|
||||
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
|
||||
L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
|
||||
L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
|
||||
L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
|
||||
L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
|
||||
L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
|
||||
L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
|
||||
|
||||
@ -372,8 +372,6 @@ typedef struct ssl_session_st
|
||||
/* SSL_OP_ALL: various bug workarounds that should be rather harmless */
|
||||
#define SSL_OP_ALL 0x000FFFFFL
|
||||
|
||||
/* As server, disallow session resumption on renegotiation */
|
||||
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
|
||||
/* If set, always create a new key when using tmp_dh parameters */
|
||||
#define SSL_OP_SINGLE_DH_USE 0x00100000L
|
||||
/* Set to also use the tmp_rsa key when doing RSA operations. */
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user