generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use new-style system-id macros everywhere possible. I hope I haven't

Browse Source 
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
This commit is contained in:
Richard Levitte
2001-02-20 08:13:47 +00:00
parent f2bc668429
commit bc36ee6227
118 changed files with 464 additions and 460 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ssl/kssl.c
View File

@@ -62,7 +62,7 @@
*/
#include <openssl/opensslconf.h>
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
#include <string.h>
#include <openssl/ssl.h>
@@ -73,7 +73,7 @@
* and we do not link to a .LIB file.
*/
#if defined(WINDOWS) || defined(WIN32)
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
/*
* The purpose of the following pre-processor statements is to provide
* compatibility with different releases of MIT Kerberos for Windows.
@@ -470,7 +470,7 @@ kssl_krb5_cc_get_principal
else
return(krb5_x ((cache)->ops->get_princ,(context, cache, principal)));
}
#endif /* WINDOWS || WIN32 */
#endif /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
char
*kstring(char *string)
@@ -1031,11 +1031,11 @@ void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
#endif
}
#else /* !NO_KRB5 */
#else /* !OPENSSL_NO_KRB5 */
#ifdef PEDANTIC
static int dummy=(int)&dummy;
#endif
#endif /* !NO_KRB5 */
#endif /* !OPENSSL_NO_KRB5 */

4
ssl/s23_clnt.c
View File

@@ -68,7 +68,7 @@ static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
#endif
@@ -322,7 +322,7 @@ static int ssl23_get_server_hello(SSL *s)
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
#ifdef NO_SSL2
#ifdef OPENSSL_NO_SSL2
SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
#else

6
ssl/s23_lib.c
View File

@@ -110,7 +110,7 @@ SSL_METHOD *sslv23_base_method(void)
static int ssl23_num_ciphers(void)
{
return(ssl3_num_ciphers()
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
+ ssl2_num_ciphers()
#endif
);
@@ -123,7 +123,7 @@ static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
if (u < uu)
return(ssl3_get_cipher(u));
else
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
return(ssl2_get_cipher(u-uu));
#else
return(NULL);
@@ -143,7 +143,7 @@ static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
((unsigned long)p[1]<<8L)|(unsigned long)p[2];
c.id=id;
cp=ssl3_get_cipher_by_char(p);
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
if (cp == NULL)
cp=ssl2_get_cipher_by_char(p);
#endif

6
ssl/s23_srvr.c
View File

@@ -67,7 +67,7 @@ static SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
static SSL_METHOD *ssl23_get_server_method(int ver)
{
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_server_method());
#endif
@@ -208,7 +208,7 @@ int ssl23_get_client_hello(SSL *s)
int n=0,j;
int type=0;
int v[2];
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
int use_sslv2_strong=0;
#endif
@@ -474,7 +474,7 @@ int ssl23_get_client_hello(SSL *s)
if (type == 1)
{
#ifdef NO_SSL2
#ifdef OPENSSL_NO_SSL2
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
#else

4
ssl/s2_clnt.c
View File

@@ -57,7 +57,7 @@
*/
#include "ssl_locl.h"
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <openssl/rand.h>
#include <openssl/buffer.h>
@@ -1001,7 +1001,7 @@ end:
EVP_PKEY_free(pkey);
return(i);
}
#else /* !NO_SSL2 */
#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;

4
ssl/s2_enc.c
View File

@@ -57,7 +57,7 @@
*/
#include "ssl_locl.h"
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
int ssl2_enc_init(SSL *s, int client)
@@ -178,7 +178,7 @@ void ssl2_mac(SSL *s, unsigned char *md, int send)
EVP_DigestFinal(&c,md,NULL);
/* some would say I should zero the md context */
}
#else /* !NO_SSL2 */
#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;

4
ssl/s2_lib.c
View File

@@ -57,7 +57,7 @@
*/
#include "ssl_locl.h"
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
@@ -479,7 +479,7 @@ int ssl2_shutdown(SSL *s)
s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
return(1);
}
#else /* !NO_SSL2 */
#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;

4
ssl/s2_meth.c
View File

@@ -57,7 +57,7 @@
*/
#include "ssl_locl.h"
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <openssl/objects.h>
@@ -86,7 +86,7 @@ SSL_METHOD *SSLv2_method(void)
}
return(&SSLv2_data);
}
#else /* !NO_SSL2 */
#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;

4
ssl/s2_pkt.c
View File

@@ -110,7 +110,7 @@
*/
#include "ssl_locl.h"
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <errno.h>
#define USE_SOCKETS
@@ -708,7 +708,7 @@ static int ssl_mt_error(int n)
}
return(ret);
}
#else /* !NO_SSL2 */
#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;

4
ssl/s2_srvr.c
View File

@@ -57,7 +57,7 @@
*/
#include "ssl_locl.h"
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <openssl/bio.h>
#include <openssl/rand.h>
@@ -983,7 +983,7 @@ static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
return(i);
}
#else /* !NO_SSL2 */
#else /* !OPENSSL_NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;

2
ssl/s3_both.c
View File

@@ -158,7 +158,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
p+=i;
l=i;
#ifdef WIN16
#ifdef OPENSSL_SYS_WIN16
/* MSVC 1.5 does not clear the top bytes of the word unless
* I do this.
*/

76
ssl/s3_clnt.c
View File

@@ -65,7 +65,7 @@
#include <openssl/evp.h>
#include "ssl_locl.h"
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
#include "kssl.h"
#endif
@@ -697,7 +697,7 @@ static int ssl3_get_server_certificate(SSL *s)
SSL3_ST_CR_CERT_A,
SSL3_ST_CR_CERT_B,
-1,
#if defined(MSDOS) && !defined(WIN32)
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
1024*30, /* 30k max cert list :-) */
#else
1024*100, /* 100k max cert list :-) */
@@ -864,7 +864,7 @@ err:
static int ssl3_get_key_exchange(SSL *s)
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
#endif
EVP_MD_CTX md_ctx;
@@ -872,10 +872,10 @@ static int ssl3_get_key_exchange(SSL *s)
int al,i,j,param_len,ok;
long n,alg;
EVP_PKEY *pkey=NULL;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
RSA *rsa=NULL;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
DH *dh=NULL;
#endif
@@ -898,14 +898,14 @@ static int ssl3_get_key_exchange(SSL *s)
if (s->session->sess_cert != NULL)
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (s->session->sess_cert->peer_rsa_tmp != NULL)
{
RSA_free(s->session->sess_cert->peer_rsa_tmp);
s->session->sess_cert->peer_rsa_tmp=NULL;
}
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (s->session->sess_cert->peer_dh_tmp)
{
DH_free(s->session->sess_cert->peer_dh_tmp);
@@ -921,7 +921,7 @@ static int ssl3_get_key_exchange(SSL *s)
param_len=0;
alg=s->s3->tmp.new_cipher->algorithms;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (alg & SSL_kRSA)
{
if ((rsa=RSA_new()) == NULL)
@@ -971,11 +971,11 @@ static int ssl3_get_key_exchange(SSL *s)
s->session->sess_cert->peer_rsa_tmp=rsa;
rsa=NULL;
}
#else /* NO_RSA */
#else /* OPENSSL_NO_RSA */
if (0)
;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
else if (alg & SSL_kEDH)
{
if ((dh=DH_new()) == NULL)
@@ -1029,14 +1029,14 @@ static int ssl3_get_key_exchange(SSL *s)
p+=i;
n-=param_len;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (alg & SSL_aRSA)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
#else
if (0)
;
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
else if (alg & SSL_aDSS)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
#endif
@@ -1051,7 +1051,7 @@ static int ssl3_get_key_exchange(SSL *s)
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
goto f_err;
}
#endif /* !NO_DH */
#endif /* !OPENSSL_NO_DH */
if (alg & SSL_aFZA)
{
al=SSL_AD_HANDSHAKE_FAILURE;
@@ -1078,7 +1078,7 @@ static int ssl3_get_key_exchange(SSL *s)
goto f_err;
}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
int num;
@@ -1114,7 +1114,7 @@ static int ssl3_get_key_exchange(SSL *s)
}
else
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
/* lets do DSS */
@@ -1158,11 +1158,11 @@ f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
err:
EVP_PKEY_free(pkey);
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (rsa != NULL)
RSA_free(rsa);
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (dh != NULL)
DH_free(dh);
#endif
@@ -1182,7 +1182,7 @@ static int ssl3_get_certificate_request(SSL *s)
SSL3_ST_CR_CERT_REQ_A,
SSL3_ST_CR_CERT_REQ_B,
-1,
#if defined(MSDOS) && !defined(WIN32)
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
1024*30, /* 30k max cert list :-) */
#else
1024*100, /* 100k max cert list :-) */
@@ -1348,13 +1348,13 @@ static int ssl3_send_client_key_exchange(SSL *s)
unsigned char *p,*d;
int n;
unsigned long l;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
unsigned char *q;
EVP_PKEY *pkey=NULL;
#endif
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
KSSL_ERR kssl_err;
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
if (s->state == SSL3_ST_CW_KEY_EXCH_A)
{
@@ -1365,7 +1365,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
/* Fool emacs indentation */
if (0) {}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
else if (l & SSL_kRSA)
{
RSA *rsa;
@@ -1424,7 +1424,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
}
#endif
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
else if (l & SSL_kKRB5)
{
krb5_error_code krb5rc;
@@ -1490,7 +1490,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
s->session->master_key, kssl_ctx->key,kssl_ctx->length);
}
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
DH *dh_srvr,*dh_clnt;
@@ -1573,11 +1573,11 @@ static int ssl3_send_client_verify(SSL *s)
unsigned char *p,*d;
unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
EVP_PKEY *pkey;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
unsigned u=0;
#endif
unsigned long n;
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
int j;
#endif
@@ -1590,7 +1590,7 @@ static int ssl3_send_client_verify(SSL *s)
s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
&(data[MD5_DIGEST_LENGTH]));
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
s->method->ssl3_enc->cert_verify_mac(s,
@@ -1607,7 +1607,7 @@ static int ssl3_send_client_verify(SSL *s)
}
else
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
if (!DSA_sign(pkey->save_type,
@@ -1723,10 +1723,10 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
long algs;
EVP_PKEY *pkey=NULL;
SESS_CERT *sc;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
RSA *rsa;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
DH *dh;
#endif
@@ -1744,10 +1744,10 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
return(1);
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
rsa=s->session->sess_cert->peer_rsa_tmp;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
dh=s->session->sess_cert->peer_dh_tmp;
#endif
@@ -1765,14 +1765,14 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
goto f_err;
}
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
goto f_err;
}
#endif
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if ((algs & SSL_kRSA) &&
!(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
{
@@ -1780,7 +1780,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
goto f_err;
}
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if ((algs & SSL_kEDH) &&
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
{
@@ -1792,7 +1792,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
goto f_err;
}
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
@@ -1803,7 +1803,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (algs & SSL_kRSA)
{
if (rsa == NULL
@@ -1815,7 +1815,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
}
else
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
if (dh == NULL

52
ssl/s3_lib.c
View File

@@ -526,7 +526,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
/* The Kerberos ciphers
** 20000107 VRS: And the first shall be last,
** in hopes of avoiding the lynx ssl renegotiation problem.
@@ -614,7 +614,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
@@ -973,7 +973,7 @@ void ssl3_free(SSL *s)
OPENSSL_free(s->s3->wbuf.buf);
if (s->s3->rrec.comp != NULL)
OPENSSL_free(s->s3->rrec.comp);
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (s->s3->tmp.dh != NULL)
DH_free(s->s3->tmp.dh);
#endif
@@ -997,7 +997,7 @@ void ssl3_clear(SSL *s)
OPENSSL_free(s->s3->rrec.comp);
s->s3->rrec.comp=NULL;
}
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (s->s3->tmp.dh != NULL)
DH_free(s->s3->tmp.dh);
#endif
@@ -1023,13 +1023,13 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
{
int ret=0;
#if !defined(NO_DSA) || !defined(NO_RSA)
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
if (
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
cmd == SSL_CTRL_SET_TMP_RSA ||
cmd == SSL_CTRL_SET_TMP_RSA_CB ||
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
cmd == SSL_CTRL_SET_TMP_DH ||
cmd == SSL_CTRL_SET_TMP_DH_CB ||
#endif
@@ -1063,7 +1063,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
case SSL_CTRL_GET_FLAGS:
ret=(int)(s->s3->flags);
break;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
case SSL_CTRL_NEED_TMP_RSA:
if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
@@ -1096,7 +1096,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg)
}
break;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH:
{
DH *dh = (DH *)parg;
@@ -1142,12 +1142,12 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
{
int ret=0;
#if !defined(NO_DSA) || !defined(NO_RSA)
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
if (
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
cmd == SSL_CTRL_SET_TMP_RSA_CB ||
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
cmd == SSL_CTRL_SET_TMP_DH_CB ||
#endif
0)
@@ -1162,14 +1162,14 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
switch (cmd)
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
case SSL_CTRL_SET_TMP_RSA_CB:
{
s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
}
break;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH_CB:
{
s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
@@ -1190,7 +1190,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
switch (cmd)
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
case SSL_CTRL_NEED_TMP_RSA:
if ( (cert->rsa_tmp == NULL) &&
((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
@@ -1235,7 +1235,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg)
}
break;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH:
{
DH *new=NULL,*dh;
@@ -1292,14 +1292,14 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
switch (cmd)
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
case SSL_CTRL_SET_TMP_RSA_CB:
{
cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
}
break;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH_CB:
{
cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
@@ -1461,31 +1461,31 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
alg=s->s3->tmp.new_cipher->algorithms;
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (alg & (SSL_kDHr|SSL_kEDH))
{
# ifndef NO_RSA
# ifndef OPENSSL_NO_RSA
p[ret++]=SSL3_CT_RSA_FIXED_DH;
# endif
# ifndef NO_DSA
# ifndef OPENSSL_NO_DSA
p[ret++]=SSL3_CT_DSS_FIXED_DH;
# endif
}
if ((s->version == SSL3_VERSION) &&
(alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
{
# ifndef NO_RSA
# ifndef OPENSSL_NO_RSA
p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
# endif
# ifndef NO_DSA
# ifndef OPENSSL_NO_DSA
p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
# endif
}
#endif /* !NO_DH */
#ifndef NO_RSA
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_RSA
p[ret++]=SSL3_CT_RSA_SIGN;
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
p[ret++]=SSL3_CT_DSS_SIGN;
#endif
return(ret);

2
ssl/s3_pkt.c
View File

@@ -1052,7 +1052,7 @@ start:
switch (rr->type)
{
default:
#ifndef NO_TLS
#ifndef OPENSSL_NO_TLS
/* TLS just ignores unknown message types */
if (s->version == TLS1_VERSION)
{

46
ssl/s3_srvr.c
View File

@@ -70,9 +70,9 @@
#include <openssl/x509.h>
#include "ssl_locl.h"
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
#include "kssl.h"
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
static SSL_METHOD *ssl3_get_server_method(int ver);
static int ssl3_get_client_hello(SSL *s);
@@ -267,9 +267,9 @@ int ssl3_accept(SSL *s)
/* clear this, it may get reset by
* send_server_key_exchange */
if ((s->options & SSL_OP_EPHEMERAL_RSA)
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
&& !(l & SSL_KRB5)
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
)
s->s3->tmp.use_rsa_tmp=1;
else
@@ -555,7 +555,7 @@ static int ssl3_check_client_hello(SSL *s)
* which will now be aborted. (A full SSL_clear would be too much.)
* I hope that tmp.dh is the only thing that may need to be cleared
* when a handshake is not completed ... */
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (s->s3->tmp.dh != NULL)
{
DH_free(s->s3->tmp.dh);
@@ -927,14 +927,14 @@ static int ssl3_send_server_done(SSL *s)
static int ssl3_send_server_key_exchange(SSL *s)
{
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
unsigned char *q;
int j,num;
RSA *rsa;
unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
unsigned int u;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
DH *dh=NULL,*dhp;
#endif
EVP_PKEY *pkey;
@@ -957,7 +957,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
r[0]=r[1]=r[2]=r[3]=NULL;
n=0;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (type & SSL_kRSA)
{
rsa=cert->rsa_tmp;
@@ -987,7 +987,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
}
else
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (type & SSL_kEDH)
{
dhp=cert->dh_tmp;
@@ -1091,7 +1091,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
{
/* n is the length of the params, they start at &(d[4])
* and p points to the space at the end. */
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
q=md_buf;
@@ -1119,7 +1119,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
}
else
#endif
#if !defined(NO_DSA)
#if !defined(OPENSSL_NO_DSA)
if (pkey->type == EVP_PKEY_DSA)
{
/* lets do DSS */
@@ -1257,17 +1257,17 @@ static int ssl3_get_client_key_exchange(SSL *s)
long n;
unsigned long l;
unsigned char *p;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
RSA *rsa=NULL;
EVP_PKEY *pkey=NULL;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
BIGNUM *pub=NULL;
DH *dh_srvr;
#endif
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
KSSL_ERR kssl_err;
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
n=ssl3_get_message(s,
SSL3_ST_SR_KEY_EXCH_A,
@@ -1281,7 +1281,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
l=s->s3->tmp.new_cipher->algorithms;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (l & SSL_kRSA)
{
/* FIX THIS UP EAY EAY EAY EAY */
@@ -1366,7 +1366,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
}
else
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
n2s(p,i);
@@ -1429,7 +1429,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
}
else
#endif
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
if (l & SSL_kKRB5)
{
krb5_error_code krb5rc;
@@ -1475,7 +1475,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
*/
}
else
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);
@@ -1485,7 +1485,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
#if !defined(NO_DH) || !defined(NO_RSA)
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
err:
#endif
return(-1);
@@ -1574,7 +1574,7 @@ static int ssl3_get_cert_verify(SSL *s)
goto f_err;
}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
@@ -1595,7 +1595,7 @@ static int ssl3_get_cert_verify(SSL *s)
}
else
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
j=DSA_verify(pkey->save_type,
@@ -1641,7 +1641,7 @@ static int ssl3_get_client_certificate(SSL *s)
SSL3_ST_SR_CERT_A,
SSL3_ST_SR_CERT_B,
-1,
#if defined(MSDOS) && !defined(WIN32)
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
1024*30, /* 30k max cert list :-) */
#else
1024*100, /* 100k max cert list :-) */

18
ssl/ssl_algs.c
View File

@@ -64,38 +64,38 @@
int SSL_library_init(void)
{
#ifndef NO_DES
#ifndef OPENSSL_NO_DES
EVP_add_cipher(EVP_des_cbc());
EVP_add_cipher(EVP_des_ede3_cbc());
#endif
#ifndef NO_IDEA
#ifndef OPENSSL_NO_IDEA
EVP_add_cipher(EVP_idea_cbc());
#endif
#ifndef NO_RC4
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
#endif
#ifndef NO_RC2
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_cbc());
#endif
#ifndef NO_AES
#ifndef OPENSSL_NO_AES
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_256_cbc());
#endif
#ifndef NO_MD2
#ifndef OPENSSL_NO_MD2
EVP_add_digest(EVP_md2());
#endif
#ifndef NO_MD5
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5,"ssl2-md5");
EVP_add_digest_alias(SN_md5,"ssl3-md5");
#endif
#ifndef NO_SHA
#ifndef OPENSSL_NO_SHA
EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
#endif
#if !defined(NO_SHA) && !defined(NO_DSA)
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");

29
ssl/ssl_cert.c
View File

@@ -107,12 +107,11 @@
#include <stdio.h>
#include "openssl/e_os.h"
#ifndef NO_SYS_TYPES_H
# include <sys/types.h>
#endif
#if !defined(WIN32) && !defined(VSM) && !defined(NeXT) && !defined(MAC_OS_pre_X)
#if !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) && !defined(NeXT) && !defined(MAC_OS_pre_X)
#include <dirent.h>
#endif
@@ -188,7 +187,7 @@ CERT *ssl_cert_dup(CERT *cert)
ret->mask = cert->mask;
ret->export_mask = cert->export_mask;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (cert->rsa_tmp != NULL)
{
ret->rsa_tmp = cert->rsa_tmp;
@@ -197,7 +196,7 @@ CERT *ssl_cert_dup(CERT *cert)
ret->rsa_tmp_cb = cert->rsa_tmp_cb;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (cert->dh_tmp != NULL)
{
/* DH parameters don't have a reference count */
@@ -280,14 +279,14 @@ CERT *ssl_cert_dup(CERT *cert)
return(ret);
#ifndef NO_DH /* avoid 'unreferenced label' warning if NO_DH is defined */
#ifndef OPENSSL_NO_DH /* avoid 'unreferenced label' warning if OPENSSL_NO_DH is defined */
err:
#endif
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (ret->rsa_tmp != NULL)
RSA_free(ret->rsa_tmp);
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (ret->dh_tmp != NULL)
DH_free(ret->dh_tmp);
#endif
@@ -324,10 +323,10 @@ void ssl_cert_free(CERT *c)
}
#endif
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (c->rsa_tmp) RSA_free(c->rsa_tmp);
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (c->dh_tmp) DH_free(c->dh_tmp);
#endif
@@ -428,11 +427,11 @@ void ssl_sess_cert_free(SESS_CERT *sc)
#endif
}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
if (sc->peer_rsa_tmp != NULL)
RSA_free(sc->peer_rsa_tmp);
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (sc->peer_dh_tmp != NULL)
DH_free(sc->peer_dh_tmp);
#endif
@@ -476,7 +475,7 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
else
{
#ifndef NO_X509_VERIFY
#ifndef OPENSSL_NO_X509_VERIFY
i=X509_verify_cert(&ctx);
#else
i=0;
@@ -586,7 +585,7 @@ static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
return(X509_NAME_cmp(*a,*b));
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
/*!
* Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
* it doesn't really have anything to do with clients (except that a common use
@@ -716,8 +715,8 @@ err:
* certs may have been added to \c stack.
*/
#ifndef WIN32
#ifndef VMS /* XXXX This may be fixed in the future */
#ifndef OPENSSL_SYS_WIN32
#ifndef OPENSSL_SYS_VMS /* XXXX This may be fixed in the future */
#ifndef MAC_OS_pre_X
int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,

8
ssl/ssl_ciph.c
View File

@@ -300,16 +300,16 @@ static unsigned long ssl_cipher_get_disabled(void)
unsigned long mask;
mask = SSL_kFZA;
#ifdef NO_RSA
#ifdef OPENSSL_NO_RSA
mask |= SSL_aRSA|SSL_kRSA;
#endif
#ifdef NO_DSA
#ifdef OPENSSL_NO_DSA
mask |= SSL_aDSS;
#endif
#ifdef NO_DH
#ifdef OPENSSL_NO_DH
mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
#endif
#ifdef NO_KRB5
#ifdef OPENSSL_NO_KRB5
mask |= SSL_kKRB5|SSL_aKRB5;
#endif

4
ssl/ssl_err.c
View File

@@ -63,7 +63,7 @@
#include <openssl/ssl.h>
/* BEGIN ERROR CODES */
#ifndef NO_ERR
#ifndef OPENSSL_NO_ERR
static ERR_STRING_DATA SSL_str_functs[]=
{
{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
@@ -432,7 +432,7 @@ void ERR_load_SSL_strings(void)
if (init)
{
init=0;
#ifndef NO_ERR
#ifndef OPENSSL_NO_ERR
ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
#endif

2
ssl/ssl_err2.c
View File

@@ -62,7 +62,7 @@
void SSL_load_error_strings(void)
{
#ifndef NO_ERR
#ifndef OPENSSL_NO_ERR
ERR_load_crypto_strings();
ERR_load_SSL_strings();
#endif

20
ssl/ssl_lib.c
View File

@@ -191,9 +191,9 @@ SSL *SSL_new(SSL_CTX *ctx)
if (s == NULL) goto err;
memset(s,0,sizeof(SSL));
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
s->kssl_ctx = kssl_ctx_new();
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
if (ctx->cert != NULL)
{
@@ -425,7 +425,7 @@ int SSL_get_fd(SSL *s)
return(ret);
}
#ifndef NO_SOCK
#ifndef OPENSSL_NO_SOCK
int SSL_set_fd(SSL *s,int fd)
{
int ret=0;
@@ -1316,14 +1316,14 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
kl=SSL_C_EXPORT_PKEYLENGTH(cipher);
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
rsa_tmp_export=(c->rsa_tmp_cb != NULL ||
(rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
#else
rsa_tmp=rsa_tmp_export=0;
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
dh_tmp_export=(c->dh_tmp_cb != NULL ||
(dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
@@ -1397,7 +1397,7 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
mask|=SSL_aNULL;
emask|=SSL_aNULL;
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
mask|=SSL_kKRB5|SSL_aKRB5;
emask|=SSL_kKRB5|SSL_aKRB5;
#endif
@@ -1946,7 +1946,7 @@ SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
return(ssl->ctx);
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
{
return(X509_STORE_set_default_paths(ctx->cert_store));
@@ -2048,7 +2048,7 @@ int SSL_want(SSL *s)
* \param cb the callback
*/
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
int is_export,
int keylength))
@@ -2085,7 +2085,7 @@ RSA *cb(SSL *ssl,int is_export,int keylength)
* \param dh the callback
*/
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
int keylength))
{
@@ -2099,7 +2099,7 @@ void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
}
#endif
#if defined(_WINDLL) && defined(WIN16)
#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
#include "../crypto/bio/bss_file.c"
#endif

13
ssl/ssl_locl.h
View File

@@ -127,6 +127,7 @@
#include <openssl/x509.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/symhacks.h>
#ifdef OPENSSL_BUILD_SHLIBSSL
# undef OPENSSL_EXTERN
@@ -376,11 +377,11 @@ typedef struct cert_st
int valid;
unsigned long mask;
unsigned long export_mask;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
RSA *rsa_tmp;
RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
DH *dh_tmp;
DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize);
#endif
@@ -403,10 +404,10 @@ typedef struct sess_cert_st
/* Obviously we don't have the private keys of these,
* so maybe we shouldn't even use the CERT_PKEY type here. */
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
RSA *peer_rsa_tmp; /* not used for SSL 2 */
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
DH *peer_dh_tmp; /* not used for SSL 2 */
#endif
@@ -463,9 +464,9 @@ OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
#ifdef VMS
#ifdef OPENSSL_SYS_VMS
#undef SSL_COMP_get_compression_methods
#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
#endif

30
ssl/ssl_rsa.c
View File

@@ -81,7 +81,7 @@ int SSL_use_certificate(SSL *ssl, X509 *x)
return(ssl_set_cert(ssl->cert,x));
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
{
int j;
@@ -148,7 +148,7 @@ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len)
return(ret);
}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
{
EVP_PKEY *pkey;
@@ -198,7 +198,7 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
EVP_PKEY_free(pktmp);
ERR_clear_error();
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
/* Don't check the public/private key, this is mostly
* for smart cards. */
if ((pkey->type == EVP_PKEY_RSA) &&
@@ -251,8 +251,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
return(1);
}
#ifndef NO_RSA
#ifndef NO_STDIO
#ifndef OPENSSL_NO_RSA
#ifndef OPENSSL_NO_STDIO
int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
{
int j,ret=0;
@@ -317,7 +317,7 @@ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
RSA_free(rsa);
return(ret);
}
#endif /* !NO_RSA */
#endif /* !OPENSSL_NO_RSA */
int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
{
@@ -337,7 +337,7 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
return(ret);
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
{
int j,ret=0;
@@ -438,7 +438,7 @@ static int ssl_set_cert(CERT *c, X509 *x)
EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey);
ERR_clear_error();
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
/* Don't check the public/private key, this is mostly
* for smart cards. */
if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
@@ -471,7 +471,7 @@ static int ssl_set_cert(CERT *c, X509 *x)
}
else
ok=1;
} /* NO_RSA */
} /* OPENSSL_NO_RSA */
}
else
ok=1;
@@ -493,7 +493,7 @@ static int ssl_set_cert(CERT *c, X509 *x)
return(1);
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
{
int j;
@@ -560,7 +560,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d)
return(ret);
}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
{
int ret;
@@ -590,7 +590,7 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
return(ret);
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
{
int j,ret=0;
@@ -655,7 +655,7 @@ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len)
RSA_free(rsa);
return(ret);
}
#endif /* !NO_RSA */
#endif /* !OPENSSL_NO_RSA */
int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
{
@@ -672,7 +672,7 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
return(ssl_set_pkey(ctx->cert,pkey));
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
{
int j,ret=0;
@@ -735,7 +735,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d,
}
#ifndef NO_STDIO
#ifndef OPENSSL_NO_STDIO
/* Read a file that contains our certificate in "PEM" format,
* possibly followed by a sequence of CA certificates that should be
* sent to the peer in the Certificate message.

12
ssl/ssl_stat.c
View File

@@ -74,7 +74,7 @@ case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break;
case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break;
case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break;
case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break;
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
@@ -115,7 +115,7 @@ case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificat
case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
#endif
#ifndef NO_SSL3
#ifndef OPENSSL_NO_SSL3
/* SSLv3 additions */
case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
@@ -182,7 +182,7 @@ case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
#endif
#if !defined(NO_SSL2) && !defined(NO_SSL3)
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
/* SSLv2/v3 compatibility states */
/* client */
case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
@@ -223,7 +223,7 @@ case SSL_ST_BEFORE: str="PINIT "; break;
case SSL_ST_ACCEPT: str="AINIT "; break;
case SSL_ST_CONNECT: str="CINIT "; break;
case SSL_ST_OK: str="SSLOK "; break;
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
@@ -264,7 +264,7 @@ case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
#endif
#ifndef NO_SSL3
#ifndef OPENSSL_NO_SSL3
/* SSLv3 additions */
case SSL3_ST_SW_FLUSH:
case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
@@ -330,7 +330,7 @@ case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
#endif
#if !defined(NO_SSL2) && !defined(NO_SSL3)
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
/* SSLv2/v3 compatibility states */
/* client */
case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;

2
ssl/ssl_txt.c
View File

@@ -60,7 +60,7 @@
#include <openssl/buffer.h>
#include "ssl_locl.h"
#ifndef NO_FP_API
#ifndef OPENSSL_NO_FP_API
int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
{
BIO *b;

42
ssl/ssltest.c
View File

@@ -126,12 +126,12 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#ifdef WINDOWS
#ifdef OPENSSL_SYS_WINDOWS
#include <winsock.h>
#include "../crypto/bio/bss_file.c"
#endif
#ifdef VMS
#ifdef OPENSSL_SYS_VMS
# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
#else
@@ -145,11 +145,11 @@
#define COMP_ZLIB 2
static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
static void free_tmp_rsa(void);
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
static DH *get_dh512(void);
static DH *get_dh1024(void);
static DH *get_dh1024dsa(void);
@@ -183,18 +183,18 @@ static void sv_usage(void)
fprintf(stderr," -reuse - use session-id reuse\n");
fprintf(stderr," -num <val> - number of connections to perform\n");
fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
fprintf(stderr," -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
fprintf(stderr," -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
fprintf(stderr," -no_dhe - disable DHE\n");
#endif
#ifndef NO_SSL2
#ifndef OPENSSL_NO_SSL2
fprintf(stderr," -ssl2 - use SSLv2\n");
#endif
#ifndef NO_SSL3
#ifndef OPENSSL_NO_SSL3
fprintf(stderr," -ssl3 - use SSLv3\n");
#endif
#ifndef NO_TLS1
#ifndef OPENSSL_NO_TLS1
fprintf(stderr," -tls1 - use TLSv1\n");
#endif
fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
@@ -230,7 +230,7 @@ static void print_details(SSL *c_ssl, const char *prefix)
{
if (0)
;
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
&& pkey->pkey.rsa->n != NULL)
{
@@ -238,7 +238,7 @@ static void print_details(SSL *c_ssl, const char *prefix)
BN_num_bits(pkey->pkey.rsa->n));
}
#endif
#ifndef NO_DSA
#ifndef OPENSSL_NO_DSA
else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
&& pkey->pkey.dsa->p != NULL)
{
@@ -337,7 +337,7 @@ int main(int argc, char *argv[])
SSL *c_ssl,*s_ssl;
int number=1,reuse=0;
long bytes=1L;
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
DH *dh;
int dhe1024 = 0, dhe1024dsa = 0;
#endif
@@ -375,7 +375,7 @@ int main(int argc, char *argv[])
debug=1;
else if (strcmp(*argv,"-reuse") == 0)
reuse=1;
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
else if (strcmp(*argv,"-dhe1024") == 0)
dhe1024=1;
else if (strcmp(*argv,"-dhe1024dsa") == 0)
@@ -527,7 +527,7 @@ bad:
}
}
#if !defined(NO_SSL2) && !defined(NO_SSL3)
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
if (ssl2)
meth=SSLv2_method();
else
@@ -539,7 +539,7 @@ bad:
else
meth=SSLv23_method();
#else
#ifdef NO_SSL2
#ifdef OPENSSL_NO_SSL2
meth=SSLv3_method();
#else
meth=SSLv2_method();
@@ -560,7 +560,7 @@ bad:
SSL_CTX_set_cipher_list(s_ctx,cipher);
}
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
if (!no_dhe)
{
if (dhe1024dsa)
@@ -580,7 +580,7 @@ bad:
(void)no_dhe;
#endif
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
#endif
@@ -636,7 +636,7 @@ bad:
c_ssl=SSL_new(c_ctx);
s_ssl=SSL_new(s_ctx);
#ifndef NO_KRB5
#ifndef OPENSSL_NO_KRB5
if (c_ssl && c_ssl->kssl_ctx)
{
char localhost[257];
@@ -647,7 +647,7 @@ bad:
localhost);
}
}
#endif /* NO_KRB5 */
#endif /* OPENSSL_NO_KRB5 */
for (i=0; i<number; i++)
{
@@ -695,7 +695,7 @@ end:
if (bio_stdout != NULL) BIO_free(bio_stdout);
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
free_tmp_rsa();
#endif
ERR_free_strings();
@@ -1411,7 +1411,7 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
return(ok);
}
#ifndef NO_RSA
#ifndef OPENSSL_NO_RSA
static RSA *rsa_tmp=NULL;
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
@@ -1437,7 +1437,7 @@ static void free_tmp_rsa(void)
}
#endif
#ifndef NO_DH
#ifndef OPENSSL_NO_DH
/* These DH parameters have been generated as follows:
* $ openssl dhparam -C -noout 512
* $ openssl dhparam -C -noout 1024