Fix gcc 4.6 warnings. Check TLS server hello extension length.
This commit is contained in:
Ben Laurie
parent
22872a5363
commit
d886975835
@ -351,13 +351,12 @@ void program_name(char *in, char *out, int size)
|
|||||||
|
|
||||||
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
|
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
|
||||||
{
|
{
|
||||||
int num,len,i;
|
int num,i;
|
||||||
char *p;
|
char *p;
|
||||||
|
|
||||||
*argc=0;
|
*argc=0;
|
||||||
*argv=NULL;
|
*argv=NULL;
|
||||||
|
|
||||||
len=strlen(buf);
|
|
||||||
i=0;
|
i=0;
|
||||||
if (arg->count == 0)
|
if (arg->count == 0)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -88,9 +88,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
DH *dh=NULL;
|
DH *dh=NULL;
|
||||||
int i,badops=0,text=0;
|
int i,badops=0,text=0;
|
||||||
BIO *in=NULL,*out=NULL;
|
BIO *in=NULL,*out=NULL;
|
||||||
@ -189,7 +186,7 @@ bad:
|
|||||||
ERR_load_crypto_strings();
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
in=BIO_new(BIO_s_file());
|
in=BIO_new(BIO_s_file());
|
||||||
|
|||||||
@ -149,9 +149,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
DH *dh=NULL;
|
DH *dh=NULL;
|
||||||
int i,badops=0,text=0;
|
int i,badops=0,text=0;
|
||||||
#ifndef OPENSSL_NO_DSA
|
#ifndef OPENSSL_NO_DSA
|
||||||
@ -270,7 +267,7 @@ bad:
|
|||||||
ERR_load_crypto_strings();
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (g && !num)
|
if (g && !num)
|
||||||
|
|||||||
@ -111,9 +111,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
DSA *dsa=NULL;
|
DSA *dsa=NULL;
|
||||||
int i,badops=0,text=0;
|
int i,badops=0,text=0;
|
||||||
BIO *in=NULL,*out=NULL;
|
BIO *in=NULL,*out=NULL;
|
||||||
@ -278,7 +275,7 @@ bad:
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (need_rand)
|
if (need_rand)
|
||||||
@ -357,12 +354,10 @@ bad:
|
|||||||
if (C)
|
if (C)
|
||||||
{
|
{
|
||||||
unsigned char *data;
|
unsigned char *data;
|
||||||
int l,len,bits_p,bits_q,bits_g;
|
int l,len,bits_p;
|
||||||
|
|
||||||
len=BN_num_bytes(dsa->p);
|
len=BN_num_bytes(dsa->p);
|
||||||
bits_p=BN_num_bits(dsa->p);
|
bits_p=BN_num_bits(dsa->p);
|
||||||
bits_q=BN_num_bits(dsa->q);
|
|
||||||
bits_g=BN_num_bits(dsa->g);
|
|
||||||
data=(unsigned char *)OPENSSL_malloc(len+20);
|
data=(unsigned char *)OPENSSL_malloc(len+20);
|
||||||
if (data == NULL)
|
if (data == NULL)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -85,9 +85,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
int ret = 1;
|
int ret = 1;
|
||||||
EC_KEY *eckey = NULL;
|
EC_KEY *eckey = NULL;
|
||||||
const EC_GROUP *group;
|
const EC_GROUP *group;
|
||||||
@ -254,7 +251,7 @@ bad:
|
|||||||
ERR_load_crypto_strings();
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
|
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
|
||||||
|
|||||||
@ -129,9 +129,6 @@ int MAIN(int argc, char **argv)
|
|||||||
char *infile = NULL, *outfile = NULL, *prog;
|
char *infile = NULL, *outfile = NULL, *prog;
|
||||||
BIO *in = NULL, *out = NULL;
|
BIO *in = NULL, *out = NULL;
|
||||||
int informat, outformat, noout = 0, C = 0, ret = 1;
|
int informat, outformat, noout = 0, C = 0, ret = 1;
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
char *engine = NULL;
|
char *engine = NULL;
|
||||||
|
|
||||||
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
|
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
|
||||||
@ -340,7 +337,7 @@ bad:
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (list_curves)
|
if (list_curves)
|
||||||
|
|||||||
@ -100,9 +100,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
static const char magic[]="Salted__";
|
static const char magic[]="Salted__";
|
||||||
char mbuf[sizeof magic-1];
|
char mbuf[sizeof magic-1];
|
||||||
char *strbuf=NULL;
|
char *strbuf=NULL;
|
||||||
@ -311,7 +308,7 @@ bad:
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
|
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
|
||||||
|
|||||||
@ -89,9 +89,6 @@ int MAIN(int, char **);
|
|||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
BN_GENCB cb;
|
BN_GENCB cb;
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
DH *dh=NULL;
|
DH *dh=NULL;
|
||||||
int ret=1,num=DEFBITS;
|
int ret=1,num=DEFBITS;
|
||||||
int g=2;
|
int g=2;
|
||||||
@ -163,7 +160,7 @@ bad:
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
out=BIO_new(BIO_s_file());
|
out=BIO_new(BIO_s_file());
|
||||||
|
|||||||
@ -78,9 +78,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
DSA *dsa=NULL;
|
DSA *dsa=NULL;
|
||||||
int ret=1;
|
int ret=1;
|
||||||
char *outfile=NULL;
|
char *outfile=NULL;
|
||||||
@ -206,7 +203,7 @@ bad:
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
|
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
|
||||||
|
|||||||
@ -89,9 +89,6 @@ int MAIN(int, char **);
|
|||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
BN_GENCB cb;
|
BN_GENCB cb;
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
int ret=1;
|
int ret=1;
|
||||||
int i,num=DEFBITS;
|
int i,num=DEFBITS;
|
||||||
long l;
|
long l;
|
||||||
@ -235,7 +232,7 @@ bad:
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (outfile == NULL)
|
if (outfile == NULL)
|
||||||
|
|||||||
@ -82,9 +82,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
PKCS7 *p7=NULL;
|
PKCS7 *p7=NULL;
|
||||||
int i,badops=0;
|
int i,badops=0;
|
||||||
BIO *in=NULL,*out=NULL;
|
BIO *in=NULL,*out=NULL;
|
||||||
@ -180,7 +177,7 @@ bad:
|
|||||||
ERR_load_crypto_strings();
|
ERR_load_crypto_strings();
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
in=BIO_new(BIO_s_file());
|
in=BIO_new(BIO_s_file());
|
||||||
|
|||||||
@ -77,9 +77,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
int i, r, ret = 1;
|
int i, r, ret = 1;
|
||||||
int badopt;
|
int badopt;
|
||||||
char *outfile = NULL;
|
char *outfile = NULL;
|
||||||
@ -178,7 +175,7 @@ int MAIN(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
e = setup_engine(bio_err, engine, 0);
|
setup_engine(bio_err, engine, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||||
|
|||||||
@ -2075,12 +2075,14 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
|||||||
{
|
{
|
||||||
char *buf=NULL;
|
char *buf=NULL;
|
||||||
int ret=1;
|
int ret=1;
|
||||||
int i,j,k,blank,dot;
|
int i,j,k,dot;
|
||||||
struct stat st_buf;
|
struct stat st_buf;
|
||||||
SSL *con;
|
SSL *con;
|
||||||
SSL_CIPHER *c;
|
SSL_CIPHER *c;
|
||||||
BIO *io,*ssl_bio,*sbio;
|
BIO *io,*ssl_bio,*sbio;
|
||||||
|
#ifdef RENEG
|
||||||
long total_bytes;
|
long total_bytes;
|
||||||
|
#endif
|
||||||
|
|
||||||
buf=OPENSSL_malloc(bufsize);
|
buf=OPENSSL_malloc(bufsize);
|
||||||
if (buf == NULL) return(0);
|
if (buf == NULL) return(0);
|
||||||
@ -2151,7 +2153,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
|||||||
SSL_set_msg_callback_arg(con, bio_s_out);
|
SSL_set_msg_callback_arg(con, bio_s_out);
|
||||||
}
|
}
|
||||||
|
|
||||||
blank=0;
|
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
if (hack)
|
if (hack)
|
||||||
@ -2388,7 +2389,9 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
|||||||
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
|
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
|
||||||
}
|
}
|
||||||
/* send the file */
|
/* send the file */
|
||||||
|
#ifdef RENEG
|
||||||
total_bytes=0;
|
total_bytes=0;
|
||||||
|
#endif
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
i=BIO_read(file,buf,bufsize);
|
i=BIO_read(file,buf,bufsize);
|
||||||
|
|||||||
@ -329,7 +329,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
|
|||||||
{
|
{
|
||||||
int ret=0;
|
int ret=0;
|
||||||
struct sockaddr_in server;
|
struct sockaddr_in server;
|
||||||
int s= -1,i;
|
int s= -1;
|
||||||
|
|
||||||
if (!ssl_sock_init()) return(0);
|
if (!ssl_sock_init()) return(0);
|
||||||
|
|
||||||
@ -368,7 +368,6 @@ static int init_server_long(int *sock, int port, char *ip, int type)
|
|||||||
}
|
}
|
||||||
/* Make it 128 for linux */
|
/* Make it 128 for linux */
|
||||||
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
|
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
|
||||||
i=0;
|
|
||||||
*sock=s;
|
*sock=s;
|
||||||
ret=1;
|
ret=1;
|
||||||
err:
|
err:
|
||||||
@ -386,7 +385,7 @@ static int init_server(int *sock, int port, int type)
|
|||||||
|
|
||||||
static int do_accept(int acc_sock, int *sock, char **host)
|
static int do_accept(int acc_sock, int *sock, char **host)
|
||||||
{
|
{
|
||||||
int ret,i;
|
int ret;
|
||||||
struct hostent *h1,*h2;
|
struct hostent *h1,*h2;
|
||||||
static struct sockaddr_in from;
|
static struct sockaddr_in from;
|
||||||
int len;
|
int len;
|
||||||
@ -463,7 +462,6 @@ redoit:
|
|||||||
BIO_printf(bio_err,"gethostbyname failure\n");
|
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
i=0;
|
|
||||||
if (h2->h_addrtype != AF_INET)
|
if (h2->h_addrtype != AF_INET)
|
||||||
{
|
{
|
||||||
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||||
|
|||||||
@ -500,9 +500,6 @@ int MAIN(int, char **);
|
|||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
int MAIN(int argc, char **argv)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
unsigned char *buf=NULL,*buf2=NULL;
|
unsigned char *buf=NULL,*buf2=NULL;
|
||||||
int mret=1;
|
int mret=1;
|
||||||
long count=0,save_count=0;
|
long count=0,save_count=0;
|
||||||
@ -593,7 +590,6 @@ int MAIN(int argc, char **argv)
|
|||||||
unsigned char DES_iv[8];
|
unsigned char DES_iv[8];
|
||||||
unsigned char iv[2*MAX_BLOCK_SIZE/8];
|
unsigned char iv[2*MAX_BLOCK_SIZE/8];
|
||||||
#ifndef OPENSSL_NO_DES
|
#ifndef OPENSSL_NO_DES
|
||||||
DES_cblock *buf_as_des_cblock = NULL;
|
|
||||||
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
|
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
|
||||||
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
|
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
|
||||||
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
|
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
|
||||||
@ -806,9 +802,6 @@ int MAIN(int argc, char **argv)
|
|||||||
BIO_printf(bio_err,"out of memory\n");
|
BIO_printf(bio_err,"out of memory\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
#ifndef OPENSSL_NO_DES
|
|
||||||
buf_as_des_cblock = (DES_cblock *)buf;
|
|
||||||
#endif
|
|
||||||
if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
|
if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
|
||||||
{
|
{
|
||||||
BIO_printf(bio_err,"out of memory\n");
|
BIO_printf(bio_err,"out of memory\n");
|
||||||
@ -883,7 +876,7 @@ int MAIN(int argc, char **argv)
|
|||||||
BIO_printf(bio_err,"no engine given\n");
|
BIO_printf(bio_err,"no engine given\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
e = setup_engine(bio_err, *argv, 0);
|
setup_engine(bio_err, *argv, 0);
|
||||||
/* j will be increased again further down. We just
|
/* j will be increased again further down. We just
|
||||||
don't want speed to confuse an engine with an
|
don't want speed to confuse an engine with an
|
||||||
algorithm, especially when none is given (which
|
algorithm, especially when none is given (which
|
||||||
|
|||||||
@ -539,7 +539,6 @@ bad:
|
|||||||
if (reqfile)
|
if (reqfile)
|
||||||
{
|
{
|
||||||
EVP_PKEY *pkey;
|
EVP_PKEY *pkey;
|
||||||
X509_CINF *ci;
|
|
||||||
BIO *in;
|
BIO *in;
|
||||||
|
|
||||||
if (!sign_flag && !CA_flag)
|
if (!sign_flag && !CA_flag)
|
||||||
@ -607,7 +606,6 @@ bad:
|
|||||||
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
|
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
|
||||||
|
|
||||||
if ((x=X509_new()) == NULL) goto end;
|
if ((x=X509_new()) == NULL) goto end;
|
||||||
ci=x->cert_info;
|
|
||||||
|
|
||||||
if (sno == NULL)
|
if (sno == NULL)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
|
|||||||
{
|
{
|
||||||
ASN1_INTEGER *ret=NULL;
|
ASN1_INTEGER *ret=NULL;
|
||||||
const unsigned char *p;
|
const unsigned char *p;
|
||||||
unsigned char *to,*s;
|
unsigned char *s;
|
||||||
long len;
|
long len;
|
||||||
int inf,tag,xclass;
|
int inf,tag,xclass;
|
||||||
int i;
|
int i;
|
||||||
@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
|
|||||||
i=ERR_R_MALLOC_FAILURE;
|
i=ERR_R_MALLOC_FAILURE;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
to=s;
|
|
||||||
ret->type=V_ASN1_INTEGER;
|
ret->type=V_ASN1_INTEGER;
|
||||||
if(len) {
|
if(len) {
|
||||||
if ((*p == 0) && (len != 1))
|
if ((*p == 0) && (len != 1))
|
||||||
|
|||||||
@ -242,7 +242,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
|
|||||||
int sgckey)
|
int sgckey)
|
||||||
{
|
{
|
||||||
RSA *ret=NULL;
|
RSA *ret=NULL;
|
||||||
const unsigned char *p, *kp;
|
const unsigned char *p;
|
||||||
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
|
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
|
||||||
|
|
||||||
p = *pp;
|
p = *pp;
|
||||||
@ -265,7 +265,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
|
|||||||
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
|
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
kp = enckey->enckey->digest->data;
|
|
||||||
if (cb == NULL)
|
if (cb == NULL)
|
||||||
cb=EVP_read_pw_string;
|
cb=EVP_read_pw_string;
|
||||||
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
|
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
|
||||||
|
|||||||
@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
|
|||||||
STACK_OF(X509_REVOKED) *rev;
|
STACK_OF(X509_REVOKED) *rev;
|
||||||
X509_REVOKED *r;
|
X509_REVOKED *r;
|
||||||
long l;
|
long l;
|
||||||
int i, n;
|
int i;
|
||||||
char *p;
|
char *p;
|
||||||
|
|
||||||
BIO_printf(out, "Certificate Revocation List (CRL):\n");
|
BIO_printf(out, "Certificate Revocation List (CRL):\n");
|
||||||
@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
|
|||||||
else BIO_printf(out,"NONE");
|
else BIO_printf(out,"NONE");
|
||||||
BIO_printf(out,"\n");
|
BIO_printf(out,"\n");
|
||||||
|
|
||||||
n=X509_CRL_get_ext_count(x);
|
|
||||||
X509V3_extensions_print(out, "CRL extensions",
|
X509V3_extensions_print(out, "CRL extensions",
|
||||||
x->crl->extensions, 0, 8);
|
x->crl->extensions, 0, 8);
|
||||||
|
|
||||||
|
|||||||
@ -166,7 +166,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
int i;
|
int i;
|
||||||
int otag;
|
int otag;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
ASN1_VALUE *pchval, **pchptr, *ptmpval;
|
ASN1_VALUE **pchptr, *ptmpval;
|
||||||
if (!pval)
|
if (!pval)
|
||||||
return 0;
|
return 0;
|
||||||
if (aux && aux->asn1_cb)
|
if (aux && aux->asn1_cb)
|
||||||
@ -317,7 +317,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* CHOICE type, try each possibility in turn */
|
/* CHOICE type, try each possibility in turn */
|
||||||
pchval = NULL;
|
|
||||||
p = *in;
|
p = *in;
|
||||||
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
|
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
|
|||||||
|
|
||||||
static int nbiof_read(BIO *b, char *out, int outl)
|
static int nbiof_read(BIO *b, char *out, int outl)
|
||||||
{
|
{
|
||||||
NBIO_TEST *nt;
|
|
||||||
int ret=0;
|
int ret=0;
|
||||||
#if 1
|
#if 1
|
||||||
int num;
|
int num;
|
||||||
@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, int outl)
|
|||||||
|
|
||||||
if (out == NULL) return(0);
|
if (out == NULL) return(0);
|
||||||
if (b->next_bio == NULL) return(0);
|
if (b->next_bio == NULL) return(0);
|
||||||
nt=(NBIO_TEST *)b->ptr;
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
BIO_clear_retry_flags(b);
|
||||||
#if 1
|
#if 1
|
||||||
|
|||||||
@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method)
|
|||||||
|
|
||||||
int BIO_free(BIO *a)
|
int BIO_free(BIO *a)
|
||||||
{
|
{
|
||||||
int ret=0,i;
|
int i;
|
||||||
|
|
||||||
if (a == NULL) return(0);
|
if (a == NULL) return(0);
|
||||||
|
|
||||||
@ -133,7 +133,7 @@ int BIO_free(BIO *a)
|
|||||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
|
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
|
||||||
|
|
||||||
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
|
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
|
||||||
ret=a->method->destroy(a);
|
a->method->destroy(a);
|
||||||
OPENSSL_free(a);
|
OPENSSL_free(a);
|
||||||
return(1);
|
return(1);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char *in, int inl)
|
|||||||
|
|
||||||
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
|
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||||
{
|
{
|
||||||
BIO *dbio;
|
|
||||||
int *ip;
|
int *ip;
|
||||||
long ret=1;
|
long ret=1;
|
||||||
BIO_ACCEPT *data;
|
BIO_ACCEPT *data;
|
||||||
@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
ret=(long)data->bind_mode;
|
ret=(long)data->bind_mode;
|
||||||
break;
|
break;
|
||||||
case BIO_CTRL_DUP:
|
case BIO_CTRL_DUP:
|
||||||
dbio=(BIO *)ptr;
|
/* dbio=(BIO *)ptr;
|
||||||
/* if (data->param_port) EAY EAY
|
if (data->param_port) EAY EAY
|
||||||
BIO_set_port(dbio,data->param_port);
|
BIO_set_port(dbio,data->param_port);
|
||||||
if (data->param_hostname)
|
if (data->param_hostname)
|
||||||
BIO_set_hostname(dbio,data->param_hostname);
|
BIO_set_hostname(dbio,data->param_hostname);
|
||||||
|
|||||||
@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||||||
int tna, int tnb, BN_ULONG *t)
|
int tna, int tnb, BN_ULONG *t)
|
||||||
{
|
{
|
||||||
int i,j,n2=n*2;
|
int i,j,n2=n*2;
|
||||||
int c1,c2,neg,zero;
|
int c1,c2,neg;
|
||||||
BN_ULONG ln,lo,*p;
|
BN_ULONG ln,lo,*p;
|
||||||
|
|
||||||
# ifdef BN_COUNT
|
# ifdef BN_COUNT
|
||||||
@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||||||
/* r=(a[0]-a[1])*(b[1]-b[0]) */
|
/* r=(a[0]-a[1])*(b[1]-b[0]) */
|
||||||
c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
|
c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
|
||||||
c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
|
c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
|
||||||
zero=neg=0;
|
neg=0;
|
||||||
switch (c1*3+c2)
|
switch (c1*3+c2)
|
||||||
{
|
{
|
||||||
case -4:
|
case -4:
|
||||||
@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||||||
bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
|
bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
|
||||||
break;
|
break;
|
||||||
case -3:
|
case -3:
|
||||||
zero=1;
|
|
||||||
/* break; */
|
/* break; */
|
||||||
case -2:
|
case -2:
|
||||||
bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
|
bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
|
||||||
@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||||||
case -1:
|
case -1:
|
||||||
case 0:
|
case 0:
|
||||||
case 1:
|
case 1:
|
||||||
zero=1;
|
|
||||||
/* break; */
|
/* break; */
|
||||||
case 2:
|
case 2:
|
||||||
bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
|
bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
|
||||||
@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
|
|||||||
neg=1;
|
neg=1;
|
||||||
break;
|
break;
|
||||||
case 3:
|
case 3:
|
||||||
zero=1;
|
|
||||||
/* break; */
|
/* break; */
|
||||||
case 4:
|
case 4:
|
||||||
bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
|
bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
|
||||||
@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||||||
{
|
{
|
||||||
if (i >= -1 && i <= 1)
|
if (i >= -1 && i <= 1)
|
||||||
{
|
{
|
||||||
int sav_j =0;
|
|
||||||
/* Find out the power of two lower or equal
|
/* Find out the power of two lower or equal
|
||||||
to the longest of the two numbers */
|
to the longest of the two numbers */
|
||||||
if (i >= 0)
|
if (i >= 0)
|
||||||
@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
|
|||||||
{
|
{
|
||||||
j = BN_num_bits_word((BN_ULONG)bl);
|
j = BN_num_bits_word((BN_ULONG)bl);
|
||||||
}
|
}
|
||||||
sav_j = j;
|
|
||||||
j = 1<<(j-1);
|
j = 1<<(j-1);
|
||||||
assert(j <= al || j <= bl);
|
assert(j <= al || j <= bl);
|
||||||
k = j+j;
|
k = j+j;
|
||||||
|
|||||||
@ -213,13 +213,14 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
|||||||
int bufnum=0,i,ii;
|
int bufnum=0,i,ii;
|
||||||
BUF_MEM *buff=NULL;
|
BUF_MEM *buff=NULL;
|
||||||
char *s,*p,*end;
|
char *s,*p,*end;
|
||||||
int again,n;
|
int again;
|
||||||
long eline=0;
|
long eline=0;
|
||||||
char btmp[DECIMAL_SIZE(eline)+1];
|
char btmp[DECIMAL_SIZE(eline)+1];
|
||||||
CONF_VALUE *v=NULL,*tv;
|
CONF_VALUE *v=NULL,*tv;
|
||||||
CONF_VALUE *sv=NULL;
|
CONF_VALUE *sv=NULL;
|
||||||
char *section=NULL,*buf;
|
char *section=NULL,*buf;
|
||||||
STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
|
/* STACK_OF(CONF_VALUE) *section_sk=NULL;*/
|
||||||
|
/* STACK_OF(CONF_VALUE) *ts=NULL;*/
|
||||||
char *start,*psection,*pname;
|
char *start,*psection,*pname;
|
||||||
void *h = (void *)(conf->data);
|
void *h = (void *)(conf->data);
|
||||||
|
|
||||||
@ -250,7 +251,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
|||||||
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
|
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
|
/* section_sk=(STACK_OF(CONF_VALUE) *)sv->value;*/
|
||||||
|
|
||||||
bufnum=0;
|
bufnum=0;
|
||||||
again=0;
|
again=0;
|
||||||
@ -309,7 +310,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
|||||||
buf=buff->data;
|
buf=buff->data;
|
||||||
|
|
||||||
clear_comments(conf, buf);
|
clear_comments(conf, buf);
|
||||||
n=strlen(buf);
|
|
||||||
s=eat_ws(conf, buf);
|
s=eat_ws(conf, buf);
|
||||||
if (IS_EOF(conf,*s)) continue; /* blank line */
|
if (IS_EOF(conf,*s)) continue; /* blank line */
|
||||||
if (*s == '[')
|
if (*s == '[')
|
||||||
@ -343,7 +343,7 @@ again:
|
|||||||
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
|
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
|
/* section_sk=(STACK_OF(CONF_VALUE) *)sv->value;*/
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -406,12 +406,12 @@ again:
|
|||||||
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
|
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
ts=(STACK_OF(CONF_VALUE) *)tv->value;
|
/* ts=(STACK_OF(CONF_VALUE) *)tv->value;*/
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
tv=sv;
|
tv=sv;
|
||||||
ts=section_sk;
|
/* ts=section_sk;*/
|
||||||
}
|
}
|
||||||
#if 1
|
#if 1
|
||||||
if (_CONF_add_string(conf, tv, v) == 0)
|
if (_CONF_add_string(conf, tv, v) == 0)
|
||||||
@ -465,9 +465,6 @@ err:
|
|||||||
|
|
||||||
static void clear_comments(CONF *conf, char *p)
|
static void clear_comments(CONF *conf, char *p)
|
||||||
{
|
{
|
||||||
char *to;
|
|
||||||
|
|
||||||
to=p;
|
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
if (IS_FCOMMENT(conf,*p))
|
if (IS_FCOMMENT(conf,*p))
|
||||||
|
|||||||
@ -110,7 +110,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
|
|||||||
BIGNUM *r0,*W,*X,*c,*test;
|
BIGNUM *r0,*W,*X,*c,*test;
|
||||||
BIGNUM *g=NULL,*q=NULL,*p=NULL;
|
BIGNUM *g=NULL,*q=NULL,*p=NULL;
|
||||||
BN_MONT_CTX *mont=NULL;
|
BN_MONT_CTX *mont=NULL;
|
||||||
int k,n=0,i,b,m=0;
|
int k,n=0,i,m=0;
|
||||||
int counter=0;
|
int counter=0;
|
||||||
int r=0;
|
int r=0;
|
||||||
BN_CTX *ctx=NULL;
|
BN_CTX *ctx=NULL;
|
||||||
@ -211,7 +211,6 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
|
|||||||
/* "offset = 2" */
|
/* "offset = 2" */
|
||||||
|
|
||||||
n=(bits-1)/160;
|
n=(bits-1)/160;
|
||||||
b=(bits-1)-n*160;
|
|
||||||
|
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -96,7 +96,6 @@ const ECDH_METHOD *ECDH_get_default_method(void)
|
|||||||
|
|
||||||
int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
|
int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
|
||||||
{
|
{
|
||||||
const ECDH_METHOD *mtmp;
|
|
||||||
ECDH_DATA *ecdh;
|
ECDH_DATA *ecdh;
|
||||||
|
|
||||||
ecdh = ecdh_check(eckey);
|
ecdh = ecdh_check(eckey);
|
||||||
@ -104,11 +103,6 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
|
|||||||
if (ecdh == NULL)
|
if (ecdh == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
mtmp = ecdh->meth;
|
|
||||||
#if 0
|
|
||||||
if (mtmp->finish)
|
|
||||||
mtmp->finish(eckey);
|
|
||||||
#endif
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
if (ecdh->engine)
|
if (ecdh->engine)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -83,7 +83,6 @@ const ECDSA_METHOD *ECDSA_get_default_method(void)
|
|||||||
|
|
||||||
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
|
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
|
||||||
{
|
{
|
||||||
const ECDSA_METHOD *mtmp;
|
|
||||||
ECDSA_DATA *ecdsa;
|
ECDSA_DATA *ecdsa;
|
||||||
|
|
||||||
ecdsa = ecdsa_check(eckey);
|
ecdsa = ecdsa_check(eckey);
|
||||||
@ -91,7 +90,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
|
|||||||
if (ecdsa == NULL)
|
if (ecdsa == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
mtmp = ecdsa->meth;
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
if (ecdsa->engine)
|
if (ecdsa->engine)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -235,7 +235,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
|
|||||||
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
|
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
|
||||||
const unsigned char *in, int inl)
|
const unsigned char *in, int inl)
|
||||||
{
|
{
|
||||||
int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
|
int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
|
||||||
unsigned char *d;
|
unsigned char *d;
|
||||||
|
|
||||||
n=ctx->num;
|
n=ctx->num;
|
||||||
@ -319,7 +319,6 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
* lines. We process the line and then need to
|
* lines. We process the line and then need to
|
||||||
* accept the '\n' */
|
* accept the '\n' */
|
||||||
if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
|
if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
|
||||||
tmp2=v;
|
|
||||||
if (n > 0)
|
if (n > 0)
|
||||||
{
|
{
|
||||||
v=EVP_DecodeBlock(out,d,n);
|
v=EVP_DecodeBlock(out,d,n);
|
||||||
|
|||||||
@ -130,12 +130,9 @@ void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
|
|||||||
|
|
||||||
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
|
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
|
||||||
{
|
{
|
||||||
int j;
|
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
unsigned char buf[EVP_MAX_MD_SIZE];
|
unsigned char buf[EVP_MAX_MD_SIZE];
|
||||||
|
|
||||||
j=EVP_MD_block_size(ctx->md);
|
|
||||||
|
|
||||||
EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i);
|
EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i);
|
||||||
EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx);
|
EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx);
|
||||||
EVP_DigestUpdate(&ctx->md_ctx,buf,i);
|
EVP_DigestUpdate(&ctx->md_ctx,buf,i);
|
||||||
|
|||||||
@ -182,7 +182,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
|
|||||||
{
|
{
|
||||||
int i, ret = 0;
|
int i, ret = 0;
|
||||||
long l;
|
long l;
|
||||||
unsigned char *p;
|
|
||||||
OCSP_CERTID *cid = NULL;
|
OCSP_CERTID *cid = NULL;
|
||||||
OCSP_BASICRESP *br = NULL;
|
OCSP_BASICRESP *br = NULL;
|
||||||
OCSP_RESPID *rid = NULL;
|
OCSP_RESPID *rid = NULL;
|
||||||
@ -207,7 +206,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
p = ASN1_STRING_data(rb->response);
|
|
||||||
i = ASN1_STRING_length(rb->response);
|
i = ASN1_STRING_length(rb->response);
|
||||||
if (!(br = OCSP_response_get1_basic(o))) goto err;
|
if (!(br = OCSP_response_get1_basic(o))) goto err;
|
||||||
rd = br->tbsResponseData;
|
rd = br->tbsResponseData;
|
||||||
|
|||||||
@ -434,7 +434,6 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
|
|||||||
|
|
||||||
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
|
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
|
||||||
{
|
{
|
||||||
int o;
|
|
||||||
const EVP_CIPHER *enc=NULL;
|
const EVP_CIPHER *enc=NULL;
|
||||||
char *p,c;
|
char *p,c;
|
||||||
char **header_pp = &header;
|
char **header_pp = &header;
|
||||||
@ -474,7 +473,6 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
|
|||||||
header++;
|
header++;
|
||||||
}
|
}
|
||||||
*header='\0';
|
*header='\0';
|
||||||
o=OBJ_sn2nid(p);
|
|
||||||
cipher->cipher=enc=EVP_get_cipherbyname(p);
|
cipher->cipher=enc=EVP_get_cipherbyname(p);
|
||||||
*header=c;
|
*header=c;
|
||||||
header++;
|
header++;
|
||||||
|
|||||||
@ -342,7 +342,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|||||||
X509_ALGOR *enc_alg=NULL;
|
X509_ALGOR *enc_alg=NULL;
|
||||||
STACK_OF(X509_ALGOR) *md_sk=NULL;
|
STACK_OF(X509_ALGOR) *md_sk=NULL;
|
||||||
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
|
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
|
||||||
X509_ALGOR *xalg=NULL;
|
|
||||||
PKCS7_RECIP_INFO *ri=NULL;
|
PKCS7_RECIP_INFO *ri=NULL;
|
||||||
|
|
||||||
i=OBJ_obj2nid(p7->type);
|
i=OBJ_obj2nid(p7->type);
|
||||||
@ -365,7 +364,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|||||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
|
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
|
|
||||||
break;
|
break;
|
||||||
case NID_pkcs7_enveloped:
|
case NID_pkcs7_enveloped:
|
||||||
rsk=p7->d.enveloped->recipientinfo;
|
rsk=p7->d.enveloped->recipientinfo;
|
||||||
@ -377,7 +375,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|||||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
|
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
xalg=p7->d.enveloped->enc_data->algorithm;
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
|
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
|
||||||
|
|||||||
@ -558,7 +558,6 @@ X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
|
|||||||
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
|
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
ASN1_OBJECT *objtmp;
|
|
||||||
PKCS7_ENC_CONTENT *ec;
|
PKCS7_ENC_CONTENT *ec;
|
||||||
|
|
||||||
i=OBJ_obj2nid(p7->type);
|
i=OBJ_obj2nid(p7->type);
|
||||||
@ -581,7 +580,6 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
|
|||||||
PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
|
PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
|
||||||
return(0);
|
return(0);
|
||||||
}
|
}
|
||||||
objtmp = OBJ_nid2obj(i);
|
|
||||||
|
|
||||||
ec->cipher = cipher;
|
ec->cipher = cipher;
|
||||||
return 1;
|
return 1;
|
||||||
|
|||||||
@ -73,7 +73,6 @@ static int pk7_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
|
|||||||
{
|
{
|
||||||
PKCS7 *p7 = (PKCS7 *)val;
|
PKCS7 *p7 = (PKCS7 *)val;
|
||||||
BIO *tmpbio, *p7bio;
|
BIO *tmpbio, *p7bio;
|
||||||
int r = 0;
|
|
||||||
|
|
||||||
if (!(flags & SMIME_DETACHED))
|
if (!(flags & SMIME_DETACHED))
|
||||||
{
|
{
|
||||||
@ -95,8 +94,6 @@ static int pk7_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
|
|||||||
if (PKCS7_dataFinal(p7, p7bio) <= 0)
|
if (PKCS7_dataFinal(p7, p7bio) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
r = 1;
|
|
||||||
|
|
||||||
err:
|
err:
|
||||||
|
|
||||||
/* Now remove any digests prepended to the BIO */
|
/* Now remove any digests prepended to the BIO */
|
||||||
|
|||||||
@ -166,14 +166,13 @@ pqueue_pop(pqueue_s *pq)
|
|||||||
pitem *
|
pitem *
|
||||||
pqueue_find(pqueue_s *pq, PQ_64BIT priority)
|
pqueue_find(pqueue_s *pq, PQ_64BIT priority)
|
||||||
{
|
{
|
||||||
pitem *next, *prev = NULL;
|
pitem *next;
|
||||||
pitem *found = NULL;
|
pitem *found = NULL;
|
||||||
|
|
||||||
if ( pq->items == NULL)
|
if ( pq->items == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
for ( next = pq->items; next->next != NULL;
|
for ( next = pq->items; next->next != NULL; next = next->next)
|
||||||
prev = next, next = next->next)
|
|
||||||
{
|
{
|
||||||
if ( pq_64bit_eq(&(next->priority), &priority))
|
if ( pq_64bit_eq(&(next->priority), &priority))
|
||||||
{
|
{
|
||||||
@ -189,13 +188,6 @@ pqueue_find(pqueue_s *pq, PQ_64BIT priority)
|
|||||||
if ( ! found)
|
if ( ! found)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
#if 0 /* find works in peek mode */
|
|
||||||
if ( prev == NULL)
|
|
||||||
pq->items = next->next;
|
|
||||||
else
|
|
||||||
prev->next = next->next;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
return found;
|
return found;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -265,8 +265,8 @@ err:
|
|||||||
const char *RAND_file_name(char *buf, size_t size)
|
const char *RAND_file_name(char *buf, size_t size)
|
||||||
{
|
{
|
||||||
char *s=NULL;
|
char *s=NULL;
|
||||||
int ok = 0;
|
|
||||||
#ifdef __OpenBSD__
|
#ifdef __OpenBSD__
|
||||||
|
int ok = 0;
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -294,7 +294,9 @@ const char *RAND_file_name(char *buf, size_t size)
|
|||||||
BUF_strlcat(buf,"/",size);
|
BUF_strlcat(buf,"/",size);
|
||||||
#endif
|
#endif
|
||||||
BUF_strlcat(buf,RFILE,size);
|
BUF_strlcat(buf,RFILE,size);
|
||||||
|
#ifdef __OpenBSD__
|
||||||
ok = 1;
|
ok = 1;
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
buf[0] = '\0'; /* no file name */
|
buf[0] = '\0'; /* no file name */
|
||||||
|
|||||||
@ -97,7 +97,6 @@ static int x509_subject_cmp(X509 **a, X509 **b)
|
|||||||
int X509_verify_cert(X509_STORE_CTX *ctx)
|
int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||||
{
|
{
|
||||||
X509 *x,*xtmp,*chain_ss=NULL;
|
X509 *x,*xtmp,*chain_ss=NULL;
|
||||||
X509_NAME *xn;
|
|
||||||
int bad_chain = 0;
|
int bad_chain = 0;
|
||||||
X509_VERIFY_PARAM *param = ctx->param;
|
X509_VERIFY_PARAM *param = ctx->param;
|
||||||
int depth,i,ok=0;
|
int depth,i,ok=0;
|
||||||
@ -149,7 +148,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/* If we are self signed, we break */
|
/* If we are self signed, we break */
|
||||||
xn=X509_get_issuer_name(x);
|
|
||||||
if (ctx->check_issued(ctx, x,x)) break;
|
if (ctx->check_issued(ctx, x,x)) break;
|
||||||
|
|
||||||
/* If we were passed a cert chain, use it first */
|
/* If we were passed a cert chain, use it first */
|
||||||
@ -186,7 +184,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
|||||||
|
|
||||||
i=sk_X509_num(ctx->chain);
|
i=sk_X509_num(ctx->chain);
|
||||||
x=sk_X509_value(ctx->chain,i-1);
|
x=sk_X509_value(ctx->chain,i-1);
|
||||||
xn = X509_get_subject_name(x);
|
|
||||||
if (ctx->check_issued(ctx, x, x))
|
if (ctx->check_issued(ctx, x, x))
|
||||||
{
|
{
|
||||||
/* we have a self signed certificate */
|
/* we have a self signed certificate */
|
||||||
@ -235,7 +232,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
|||||||
if (depth < num) break;
|
if (depth < num) break;
|
||||||
|
|
||||||
/* If we are self signed, we break */
|
/* If we are self signed, we break */
|
||||||
xn=X509_get_issuer_name(x);
|
|
||||||
if (ctx->check_issued(ctx,x,x)) break;
|
if (ctx->check_issued(ctx,x,x)) break;
|
||||||
|
|
||||||
ok = ctx->get_issuer(&xtmp, ctx, x);
|
ok = ctx->get_issuer(&xtmp, ctx, x);
|
||||||
@ -254,7 +250,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* we now have our chain, lets check it... */
|
/* we now have our chain, lets check it... */
|
||||||
xn=X509_get_issuer_name(x);
|
|
||||||
|
|
||||||
/* Is last certificate looked up self signed? */
|
/* Is last certificate looked up self signed? */
|
||||||
if (!ctx->check_issued(ctx,x,x))
|
if (!ctx->check_issued(ctx,x,x))
|
||||||
|
|||||||
@ -1080,11 +1080,11 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||||||
static int hwcrhk_rsa_finish(RSA *rsa)
|
static int hwcrhk_rsa_finish(RSA *rsa)
|
||||||
{
|
{
|
||||||
HWCryptoHook_RSAKeyHandle *hptr;
|
HWCryptoHook_RSAKeyHandle *hptr;
|
||||||
int ret;
|
|
||||||
hptr = RSA_get_ex_data(rsa, hndidx_rsa);
|
hptr = RSA_get_ex_data(rsa, hndidx_rsa);
|
||||||
if (hptr)
|
if (hptr)
|
||||||
{
|
{
|
||||||
ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
|
p_hwcrhk_RSAUnloadKey(*hptr, NULL);
|
||||||
OPENSSL_free(hptr);
|
OPENSSL_free(hptr);
|
||||||
RSA_set_ex_data(rsa, hndidx_rsa, NULL);
|
RSA_set_ex_data(rsa, hndidx_rsa, NULL);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -811,7 +811,6 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
|||||||
SW_PARAM sw_param;
|
SW_PARAM sw_param;
|
||||||
SW_STATUS sw_status;
|
SW_STATUS sw_status;
|
||||||
SW_LARGENUMBER arg, res;
|
SW_LARGENUMBER arg, res;
|
||||||
unsigned char *ptr;
|
|
||||||
BN_CTX *ctx;
|
BN_CTX *ctx;
|
||||||
BIGNUM *dsa_p = NULL;
|
BIGNUM *dsa_p = NULL;
|
||||||
BIGNUM *dsa_q = NULL;
|
BIGNUM *dsa_q = NULL;
|
||||||
@ -899,7 +898,6 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* Convert the response */
|
/* Convert the response */
|
||||||
ptr = (unsigned char *)result->d;
|
|
||||||
if((to_return = DSA_SIG_new()) == NULL)
|
if((to_return = DSA_SIG_new()) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
|
to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
|
||||||
|
|||||||
@ -631,10 +631,8 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||||||
const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
|
const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
|
||||||
{
|
{
|
||||||
int y_len,
|
int y_len,
|
||||||
m_len,
|
|
||||||
fd;
|
fd;
|
||||||
|
|
||||||
m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
|
|
||||||
y_len = BN_num_bits(p) + BN_num_bits(q);
|
y_len = BN_num_bits(p) + BN_num_bits(q);
|
||||||
|
|
||||||
/* Check if hardware can't handle this argument. */
|
/* Check if hardware can't handle this argument. */
|
||||||
|
|||||||
@ -144,7 +144,7 @@ IMPLEMENT_dtls1_meth_func(DTLSv1_client_method,
|
|||||||
int dtls1_connect(SSL *s)
|
int dtls1_connect(SSL *s)
|
||||||
{
|
{
|
||||||
BUF_MEM *buf=NULL;
|
BUF_MEM *buf=NULL;
|
||||||
unsigned long Time=(unsigned long)time(NULL),l;
|
unsigned long Time=(unsigned long)time(NULL);
|
||||||
void (*cb)(const SSL *ssl,int type,int val)=NULL;
|
void (*cb)(const SSL *ssl,int type,int val)=NULL;
|
||||||
int ret= -1;
|
int ret= -1;
|
||||||
int new_state,state,skip=0;;
|
int new_state,state,skip=0;;
|
||||||
@ -374,7 +374,6 @@ int dtls1_connect(SSL *s)
|
|||||||
dtls1_start_timer(s);
|
dtls1_start_timer(s);
|
||||||
ret=dtls1_send_client_key_exchange(s);
|
ret=dtls1_send_client_key_exchange(s);
|
||||||
if (ret <= 0) goto end;
|
if (ret <= 0) goto end;
|
||||||
l=s->s3->tmp.new_cipher->algorithms;
|
|
||||||
/* EAY EAY EAY need to check for DH fix cert
|
/* EAY EAY EAY need to check for DH fix cert
|
||||||
* sent back */
|
* sent back */
|
||||||
/* For TLS, cert_req is set to 2, so a cert chain
|
/* For TLS, cert_req is set to 2, so a cert chain
|
||||||
|
|||||||
@ -131,13 +131,11 @@ int dtls1_enc(SSL *s, int send)
|
|||||||
SSL3_RECORD *rec;
|
SSL3_RECORD *rec;
|
||||||
EVP_CIPHER_CTX *ds;
|
EVP_CIPHER_CTX *ds;
|
||||||
unsigned long l;
|
unsigned long l;
|
||||||
int bs,i,ii,j,k,n=0;
|
int bs,i,ii,j,k;
|
||||||
const EVP_CIPHER *enc;
|
const EVP_CIPHER *enc;
|
||||||
|
|
||||||
if (send)
|
if (send)
|
||||||
{
|
{
|
||||||
if (s->write_hash != NULL)
|
|
||||||
n=EVP_MD_size(s->write_hash);
|
|
||||||
ds=s->enc_write_ctx;
|
ds=s->enc_write_ctx;
|
||||||
rec= &(s->s3->wrec);
|
rec= &(s->s3->wrec);
|
||||||
if (s->enc_write_ctx == NULL)
|
if (s->enc_write_ctx == NULL)
|
||||||
@ -158,8 +156,6 @@ int dtls1_enc(SSL *s, int send)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (s->read_hash != NULL)
|
|
||||||
n=EVP_MD_size(s->read_hash);
|
|
||||||
ds=s->enc_read_ctx;
|
ds=s->enc_read_ctx;
|
||||||
rec= &(s->s3->rrec);
|
rec= &(s->s3->rrec);
|
||||||
if (s->enc_read_ctx == NULL)
|
if (s->enc_read_ctx == NULL)
|
||||||
|
|||||||
@ -256,9 +256,6 @@ dtls1_process_buffered_records(SSL *s)
|
|||||||
item = pqueue_peek(s->d1->unprocessed_rcds.q);
|
item = pqueue_peek(s->d1->unprocessed_rcds.q);
|
||||||
if (item)
|
if (item)
|
||||||
{
|
{
|
||||||
DTLS1_RECORD_DATA *rdata;
|
|
||||||
rdata = (DTLS1_RECORD_DATA *)item->data;
|
|
||||||
|
|
||||||
/* Check if epoch is current. */
|
/* Check if epoch is current. */
|
||||||
if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
|
if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
|
||||||
return(1); /* Nothing to do. */
|
return(1); /* Nothing to do. */
|
||||||
@ -331,7 +328,7 @@ dtls1_get_buffered_record(SSL *s)
|
|||||||
static int
|
static int
|
||||||
dtls1_process_record(SSL *s)
|
dtls1_process_record(SSL *s)
|
||||||
{
|
{
|
||||||
int i,al;
|
int al;
|
||||||
int clear=0;
|
int clear=0;
|
||||||
int enc_err;
|
int enc_err;
|
||||||
SSL_SESSION *sess;
|
SSL_SESSION *sess;
|
||||||
@ -418,7 +415,7 @@ if ( (sess == NULL) ||
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
rr->length-=mac_size;
|
rr->length-=mac_size;
|
||||||
i=s->method->ssl3_enc->mac(s,md,0);
|
s->method->ssl3_enc->mac(s,md,0);
|
||||||
if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
|
if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
|
||||||
{
|
{
|
||||||
goto err;
|
goto err;
|
||||||
@ -484,14 +481,12 @@ int dtls1_get_record(SSL *s)
|
|||||||
int ssl_major,ssl_minor;
|
int ssl_major,ssl_minor;
|
||||||
int i,n;
|
int i,n;
|
||||||
SSL3_RECORD *rr;
|
SSL3_RECORD *rr;
|
||||||
SSL_SESSION *sess;
|
|
||||||
unsigned char *p = NULL;
|
unsigned char *p = NULL;
|
||||||
unsigned short version;
|
unsigned short version;
|
||||||
DTLS1_BITMAP *bitmap;
|
DTLS1_BITMAP *bitmap;
|
||||||
unsigned int is_next_epoch;
|
unsigned int is_next_epoch;
|
||||||
|
|
||||||
rr= &(s->s3->rrec);
|
rr= &(s->s3->rrec);
|
||||||
sess=s->session;
|
|
||||||
|
|
||||||
/* The epoch may have changed. If so, process all the
|
/* The epoch may have changed. If so, process all the
|
||||||
* pending records. This is a non-blocking operation. */
|
* pending records. This is a non-blocking operation. */
|
||||||
|
|||||||
@ -97,14 +97,8 @@ SSL_CIPHER *ssl23_get_cipher(unsigned int u)
|
|||||||
* available */
|
* available */
|
||||||
SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
|
SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
|
||||||
{
|
{
|
||||||
SSL_CIPHER c,*cp;
|
SSL_CIPHER *cp;
|
||||||
unsigned long id;
|
|
||||||
int n;
|
|
||||||
|
|
||||||
n=ssl3_num_ciphers();
|
|
||||||
id=0x03000000|((unsigned long)p[0]<<16L)|
|
|
||||||
((unsigned long)p[1]<<8L)|(unsigned long)p[2];
|
|
||||||
c.id=id;
|
|
||||||
cp=ssl3_get_cipher_by_char(p);
|
cp=ssl3_get_cipher_by_char(p);
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#ifndef OPENSSL_NO_SSL2
|
||||||
if (cp == NULL)
|
if (cp == NULL)
|
||||||
|
|||||||
@ -697,7 +697,6 @@ static int server_hello(SSL *s)
|
|||||||
{
|
{
|
||||||
unsigned char *p,*d;
|
unsigned char *p,*d;
|
||||||
int n,hit;
|
int n,hit;
|
||||||
STACK_OF(SSL_CIPHER) *sk;
|
|
||||||
|
|
||||||
p=(unsigned char *)s->init_buf->data;
|
p=(unsigned char *)s->init_buf->data;
|
||||||
if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
|
if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
|
||||||
@ -778,7 +777,6 @@ static int server_hello(SSL *s)
|
|||||||
|
|
||||||
/* lets send out the ciphers we like in the
|
/* lets send out the ciphers we like in the
|
||||||
* prefered order */
|
* prefered order */
|
||||||
sk= s->session->ciphers;
|
|
||||||
n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
|
n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
|
||||||
d+=n;
|
d+=n;
|
||||||
s2n(n,p); /* add cipher length */
|
s2n(n,p); /* add cipher length */
|
||||||
|
|||||||
@ -166,7 +166,7 @@ IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
|
|||||||
int ssl3_connect(SSL *s)
|
int ssl3_connect(SSL *s)
|
||||||
{
|
{
|
||||||
BUF_MEM *buf=NULL;
|
BUF_MEM *buf=NULL;
|
||||||
unsigned long Time=(unsigned long)time(NULL),l;
|
unsigned long Time=(unsigned long)time(NULL);
|
||||||
void (*cb)(const SSL *ssl,int type,int val)=NULL;
|
void (*cb)(const SSL *ssl,int type,int val)=NULL;
|
||||||
int ret= -1;
|
int ret= -1;
|
||||||
int new_state,state,skip=0;
|
int new_state,state,skip=0;
|
||||||
@ -360,7 +360,6 @@ int ssl3_connect(SSL *s)
|
|||||||
case SSL3_ST_CW_KEY_EXCH_B:
|
case SSL3_ST_CW_KEY_EXCH_B:
|
||||||
ret=ssl3_send_client_key_exchange(s);
|
ret=ssl3_send_client_key_exchange(s);
|
||||||
if (ret <= 0) goto end;
|
if (ret <= 0) goto end;
|
||||||
l=s->s3->tmp.new_cipher->algorithms;
|
|
||||||
/* EAY EAY EAY need to check for DH fix cert
|
/* EAY EAY EAY need to check for DH fix cert
|
||||||
* sent back */
|
* sent back */
|
||||||
/* For TLS, cert_req is set to 2, so a cert chain
|
/* For TLS, cert_req is set to 2, so a cert chain
|
||||||
|
|||||||
@ -191,7 +191,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
|
|||||||
|
|
||||||
int ssl3_change_cipher_state(SSL *s, int which)
|
int ssl3_change_cipher_state(SSL *s, int which)
|
||||||
{
|
{
|
||||||
unsigned char *p,*key_block,*mac_secret;
|
unsigned char *p,*mac_secret;
|
||||||
unsigned char exp_key[EVP_MAX_KEY_LENGTH];
|
unsigned char exp_key[EVP_MAX_KEY_LENGTH];
|
||||||
unsigned char exp_iv[EVP_MAX_IV_LENGTH];
|
unsigned char exp_iv[EVP_MAX_IV_LENGTH];
|
||||||
unsigned char *ms,*key,*iv,*er1,*er2;
|
unsigned char *ms,*key,*iv,*er1,*er2;
|
||||||
@ -214,7 +214,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
|
|||||||
else
|
else
|
||||||
comp=s->s3->tmp.new_compression->method;
|
comp=s->s3->tmp.new_compression->method;
|
||||||
#endif
|
#endif
|
||||||
key_block=s->s3->tmp.key_block;
|
|
||||||
|
|
||||||
if (which & SSL3_CC_READ)
|
if (which & SSL3_CC_READ)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -297,7 +297,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
|
|||||||
SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
|
SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
|
||||||
long length)
|
long length)
|
||||||
{
|
{
|
||||||
int version,ssl_version=0,i;
|
int ssl_version=0,i;
|
||||||
long id;
|
long id;
|
||||||
ASN1_INTEGER ai,*aip;
|
ASN1_INTEGER ai,*aip;
|
||||||
ASN1_OCTET_STRING os,*osp;
|
ASN1_OCTET_STRING os,*osp;
|
||||||
@ -311,7 +311,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
|
|||||||
|
|
||||||
ai.data=NULL; ai.length=0;
|
ai.data=NULL; ai.length=0;
|
||||||
M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
|
M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
|
||||||
version=(int)ASN1_INTEGER_get(aip);
|
|
||||||
if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
|
if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
|
||||||
|
|
||||||
/* we don't care about the version right now :-) */
|
/* we don't care about the version right now :-) */
|
||||||
|
|||||||
@ -777,7 +777,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
|||||||
CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
|
CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
|
||||||
{
|
{
|
||||||
unsigned long algorithms, mask, algo_strength, mask_strength;
|
unsigned long algorithms, mask, algo_strength, mask_strength;
|
||||||
const char *l, *start, *buf;
|
const char *l, *buf;
|
||||||
int j, multi, found, rule, retval, ok, buflen;
|
int j, multi, found, rule, retval, ok, buflen;
|
||||||
unsigned long cipher_id = 0, ssl_version = 0;
|
unsigned long cipher_id = 0, ssl_version = 0;
|
||||||
char ch;
|
char ch;
|
||||||
@ -809,7 +809,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
|||||||
|
|
||||||
algorithms = mask = algo_strength = mask_strength = 0;
|
algorithms = mask = algo_strength = mask_strength = 0;
|
||||||
|
|
||||||
start=l;
|
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
ch = *l;
|
ch = *l;
|
||||||
@ -1100,7 +1099,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
|||||||
int is_export,pkl,kl;
|
int is_export,pkl,kl;
|
||||||
const char *ver,*exp_str;
|
const char *ver,*exp_str;
|
||||||
const char *kx,*au,*enc,*mac;
|
const char *kx,*au,*enc,*mac;
|
||||||
unsigned long alg,alg2,alg_s;
|
unsigned long alg,alg2;
|
||||||
#ifdef KSSL_DEBUG
|
#ifdef KSSL_DEBUG
|
||||||
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
|
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
|
||||||
#else
|
#else
|
||||||
@ -1108,7 +1107,6 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
|||||||
#endif /* KSSL_DEBUG */
|
#endif /* KSSL_DEBUG */
|
||||||
|
|
||||||
alg=cipher->algorithms;
|
alg=cipher->algorithms;
|
||||||
alg_s=cipher->algo_strength;
|
|
||||||
alg2=cipher->algorithm2;
|
alg2=cipher->algorithm2;
|
||||||
|
|
||||||
is_export=SSL_C_IS_EXPORT(cipher);
|
is_export=SSL_C_IS_EXPORT(cipher);
|
||||||
|
|||||||
@ -1940,15 +1940,13 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
|
|||||||
/* THIS NEEDS CLEANING UP */
|
/* THIS NEEDS CLEANING UP */
|
||||||
X509 *ssl_get_server_send_cert(SSL *s)
|
X509 *ssl_get_server_send_cert(SSL *s)
|
||||||
{
|
{
|
||||||
unsigned long alg,mask,kalg;
|
unsigned long alg,kalg;
|
||||||
CERT *c;
|
CERT *c;
|
||||||
int i,is_export;
|
int i;
|
||||||
|
|
||||||
c=s->cert;
|
c=s->cert;
|
||||||
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
|
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
|
||||||
alg=s->s3->tmp.new_cipher->algorithms;
|
alg=s->s3->tmp.new_cipher->algorithms;
|
||||||
is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
|
|
||||||
mask=is_export?c->export_mask:c->mask;
|
|
||||||
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
|
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
|
||||||
|
|
||||||
if (kalg & SSL_kECDH)
|
if (kalg & SSL_kECDH)
|
||||||
|
|||||||
@ -1351,7 +1351,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
|
|||||||
BIO *c_bio=NULL;
|
BIO *c_bio=NULL;
|
||||||
BIO *s_bio=NULL;
|
BIO *s_bio=NULL;
|
||||||
int c_r,c_w,s_r,s_w;
|
int c_r,c_w,s_r,s_w;
|
||||||
int c_want,s_want;
|
|
||||||
int i,j;
|
int i,j;
|
||||||
int done=0;
|
int done=0;
|
||||||
int c_write,s_write;
|
int c_write,s_write;
|
||||||
@ -1386,8 +1385,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
|
|||||||
|
|
||||||
c_r=0; s_r=1;
|
c_r=0; s_r=1;
|
||||||
c_w=1; s_w=0;
|
c_w=1; s_w=0;
|
||||||
c_want=W_WRITE;
|
|
||||||
s_want=0;
|
|
||||||
c_write=1,s_write=0;
|
c_write=1,s_write=0;
|
||||||
|
|
||||||
/* We can always do writes */
|
/* We can always do writes */
|
||||||
|
|||||||
18
ssl/t1_enc.c
18
ssl/t1_enc.c
@ -125,7 +125,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
|
|||||||
int sec_len, unsigned char *seed, int seed_len,
|
int sec_len, unsigned char *seed, int seed_len,
|
||||||
unsigned char *out, int olen)
|
unsigned char *out, int olen)
|
||||||
{
|
{
|
||||||
int chunk,n;
|
int chunk;
|
||||||
unsigned int j;
|
unsigned int j;
|
||||||
HMAC_CTX ctx;
|
HMAC_CTX ctx;
|
||||||
HMAC_CTX ctx_tmp;
|
HMAC_CTX ctx_tmp;
|
||||||
@ -143,7 +143,6 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
|
|||||||
HMAC_Update(&ctx,seed,seed_len);
|
HMAC_Update(&ctx,seed,seed_len);
|
||||||
HMAC_Final(&ctx,A1,&A1_len);
|
HMAC_Final(&ctx,A1,&A1_len);
|
||||||
|
|
||||||
n=0;
|
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
|
HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */
|
||||||
@ -227,14 +226,14 @@ static void tls1_generate_key_block(SSL *s, unsigned char *km,
|
|||||||
int tls1_change_cipher_state(SSL *s, int which)
|
int tls1_change_cipher_state(SSL *s, int which)
|
||||||
{
|
{
|
||||||
static const unsigned char empty[]="";
|
static const unsigned char empty[]="";
|
||||||
unsigned char *p,*key_block,*mac_secret;
|
unsigned char *p,*mac_secret;
|
||||||
unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
|
unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
|
||||||
SSL3_RANDOM_SIZE*2];
|
SSL3_RANDOM_SIZE*2];
|
||||||
unsigned char tmp1[EVP_MAX_KEY_LENGTH];
|
unsigned char tmp1[EVP_MAX_KEY_LENGTH];
|
||||||
unsigned char tmp2[EVP_MAX_KEY_LENGTH];
|
unsigned char tmp2[EVP_MAX_KEY_LENGTH];
|
||||||
unsigned char iv1[EVP_MAX_IV_LENGTH*2];
|
unsigned char iv1[EVP_MAX_IV_LENGTH*2];
|
||||||
unsigned char iv2[EVP_MAX_IV_LENGTH*2];
|
unsigned char iv2[EVP_MAX_IV_LENGTH*2];
|
||||||
unsigned char *ms,*key,*iv,*er1,*er2;
|
unsigned char *ms,*key,*iv;
|
||||||
int client_write;
|
int client_write;
|
||||||
EVP_CIPHER_CTX *dd;
|
EVP_CIPHER_CTX *dd;
|
||||||
const EVP_CIPHER *c;
|
const EVP_CIPHER *c;
|
||||||
@ -251,9 +250,10 @@ int tls1_change_cipher_state(SSL *s, int which)
|
|||||||
#ifndef OPENSSL_NO_COMP
|
#ifndef OPENSSL_NO_COMP
|
||||||
comp=s->s3->tmp.new_compression;
|
comp=s->s3->tmp.new_compression;
|
||||||
#endif
|
#endif
|
||||||
key_block=s->s3->tmp.key_block;
|
|
||||||
|
|
||||||
#ifdef KSSL_DEBUG
|
#ifdef KSSL_DEBUG
|
||||||
|
key_block=s->s3->tmp.key_block;
|
||||||
|
|
||||||
printf("tls1_change_cipher_state(which= %d) w/\n", which);
|
printf("tls1_change_cipher_state(which= %d) w/\n", which);
|
||||||
printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
|
printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
|
||||||
(void *)comp);
|
(void *)comp);
|
||||||
@ -348,8 +348,6 @@ int tls1_change_cipher_state(SSL *s, int which)
|
|||||||
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
|
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
|
||||||
/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
|
/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
|
||||||
k=EVP_CIPHER_iv_length(c);
|
k=EVP_CIPHER_iv_length(c);
|
||||||
er1= &(s->s3->client_random[0]);
|
|
||||||
er2= &(s->s3->server_random[0]);
|
|
||||||
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
|
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
|
||||||
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
|
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
|
||||||
{
|
{
|
||||||
@ -535,13 +533,11 @@ int tls1_enc(SSL *s, int send)
|
|||||||
SSL3_RECORD *rec;
|
SSL3_RECORD *rec;
|
||||||
EVP_CIPHER_CTX *ds;
|
EVP_CIPHER_CTX *ds;
|
||||||
unsigned long l;
|
unsigned long l;
|
||||||
int bs,i,ii,j,k,n=0;
|
int bs,i,ii,j,k;
|
||||||
const EVP_CIPHER *enc;
|
const EVP_CIPHER *enc;
|
||||||
|
|
||||||
if (send)
|
if (send)
|
||||||
{
|
{
|
||||||
if (s->write_hash != NULL)
|
|
||||||
n=EVP_MD_size(s->write_hash);
|
|
||||||
ds=s->enc_write_ctx;
|
ds=s->enc_write_ctx;
|
||||||
rec= &(s->s3->wrec);
|
rec= &(s->s3->wrec);
|
||||||
if (s->enc_write_ctx == NULL)
|
if (s->enc_write_ctx == NULL)
|
||||||
@ -551,8 +547,6 @@ int tls1_enc(SSL *s, int send)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (s->read_hash != NULL)
|
|
||||||
n=EVP_MD_size(s->read_hash);
|
|
||||||
ds=s->enc_read_ctx;
|
ds=s->enc_read_ctx;
|
||||||
rec= &(s->s3->rrec);
|
rec= &(s->s3->rrec);
|
||||||
if (s->enc_read_ctx == NULL)
|
if (s->enc_read_ctx == NULL)
|
||||||
|
|||||||
@ -601,9 +601,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
|
|||||||
|
|
||||||
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
|
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
|
||||||
{
|
{
|
||||||
|
unsigned short length;
|
||||||
unsigned short type;
|
unsigned short type;
|
||||||
unsigned short size;
|
unsigned short size;
|
||||||
unsigned short len;
|
|
||||||
unsigned char *data = *p;
|
unsigned char *data = *p;
|
||||||
int tlsext_servername = 0;
|
int tlsext_servername = 0;
|
||||||
int renegotiate_seen = 0;
|
int renegotiate_seen = 0;
|
||||||
@ -611,7 +611,12 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
|
|||||||
if (data >= (d+n-2))
|
if (data >= (d+n-2))
|
||||||
goto ri_check;
|
goto ri_check;
|
||||||
|
|
||||||
n2s(data,len);
|
n2s(data,length);
|
||||||
|
if (data+length != d+n)
|
||||||
|
{
|
||||||
|
*al = SSL_AD_DECODE_ERROR;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
while(data <= (d+n-4))
|
while(data <= (d+n-4))
|
||||||
{
|
{
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user