From 6789b41d862fabf0fe1bb1614a9ff2388994fab2 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 16 Jul 2002 10:46:00 +0000 Subject: [PATCH 01/20] The default C compiler on MacOS X doesn't like empty object files --- crypto/ebcdic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/ebcdic.c b/crypto/ebcdic.c index bc968ea80..d1bece87f 100644 --- a/crypto/ebcdic.c +++ b/crypto/ebcdic.c @@ -211,8 +211,8 @@ ascii2ebcdic(void *dest, const void *srce, size_t count) } #else /*CHARSET_EBCDIC*/ -#include -#if defined(PEDANTIC) || defined(__DECC) +#include +#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) static void *dummy=&dummy; #endif #endif From 7dbed652fca1dc3ab8fa3ac25b99cee2eab253fd Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 16 Jul 2002 11:07:42 +0000 Subject: [PATCH 02/20] We had some experimental options in the Darwin entries. They are no longer needed --- Configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index 0b47b3c1c..eb3345bf0 100755 --- a/Configure +++ b/Configure @@ -543,8 +543,8 @@ my %table=( ##### MacOS X (a.k.a. Rhapsody or Darwin) setup "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", -"darwin-ppc-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", -"darwin-i386-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", ##### Sony NEWS-OS 4.x "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", From ebccb429def24678e2a12b92e31cabb5a60605e8 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 07:48:39 +0000 Subject: [PATCH 03/20] Add the usually recommended solution to the linking problem entry for MacOS X --- PROBLEMS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/PROBLEMS b/PROBLEMS index 99a0779f9..f072449fe 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -20,6 +20,15 @@ to: It's possible that something similar is needed for shared library support as well. That hasn't been well tested yet. + +Another solution that many seem to recommend is to move the libraries +/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different +directory, build and install OpenSSL and anything that depends on your +build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their +original places. Note that the version numbers on those two libraries +may differ on your machine. + + As long as Apple doesn't fix the problem with ld, this problem building OpenSSL will remain as is. From 8cfdb960f0f1f107b47c93ee7bc68b6e72ecf441 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 08:20:27 +0000 Subject: [PATCH 04/20] On MacOS X, you're not allowed to have common objects in shared libraries --- Configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Configure b/Configure index eb3345bf0..bf0f5bc0d 100755 --- a/Configure +++ b/Configure @@ -543,8 +543,8 @@ my %table=( ##### MacOS X (a.k.a. Rhapsody or Darwin) setup "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::", -"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", -"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-ppc-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", +"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", ##### Sony NEWS-OS 4.x "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", From f5db08e57af8b3b2d2e026302b11da5fa70411b9 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 11:09:44 +0000 Subject: [PATCH 05/20] On MacOS X, the shared library editor uses DYLD_LIBRARY_PATH --- Makefile.org | 8 ++++---- apps/Makefile.ssl | 4 ++-- test/Makefile.ssl | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Makefile.org b/Makefile.org index 716bfe0b2..9967485fc 100644 --- a/Makefile.org +++ b/Makefile.org @@ -578,8 +578,8 @@ rehash: rehash.time rehash.time: certs @(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \ export OPENSSL OPENSSL_DEBUG_MEMORY; \ - LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ - export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ + LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ + export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ $(PERL) tools/c_rehash certs) touch rehash.time @@ -588,8 +588,8 @@ test: tests tests: rehash @(cd test && echo "testing..." && \ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests ); - @LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ - export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ + @LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \ + export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ apps/openssl version -a report: diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 027f1c6a1..0d47a08e1 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl @@ -147,8 +147,8 @@ $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ fi -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \ - LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \ - export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ + LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \ + export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ $(PERL) tools/c_rehash certs) progs.h: progs.pl diff --git a/test/Makefile.ssl b/test/Makefile.ssl index 129b07cf7..048063576 100644 --- a/test/Makefile.ssl +++ b/test/Makefile.ssl @@ -119,8 +119,8 @@ apps: @(cd ../apps; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all) alltests: - (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \ - export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ + (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; DYLD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \ + export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' alltests.chooser) alltests.chooser: \ test_des test_idea test_sha test_md4 test_md5 test_hmac \ From fe5eb6707f231e9f5f9aa54d4d8723ec054410b0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 11:16:22 +0000 Subject: [PATCH 06/20] If OpenSSL is built with shared library support on MacOS X, everything works fine. Note: this is only true for 0.9.7 and on --- PROBLEMS | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/PROBLEMS b/PROBLEMS index f072449fe..70e591a1d 100644 --- a/PROBLEMS +++ b/PROBLEMS @@ -1,5 +1,11 @@ * System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X. -[NOTE: This is currently undergoing tests, and may be removed soon] + + + NOTE: The problem described here only applies when OpenSSL isn't built + with shared library support (i.e. without the "shared" configuration + option). If you build with shared library support, you will have no + problems as long as you set up DYLD_LIBRARY_PATH properly at all times. + This is really a misfeature in ld, which seems to look for .dylib libraries along the whole library path before it bothers looking for .a libraries. This From 311e209931ab32ea5ff4d69088ecabf85eee2680 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 11:29:15 +0000 Subject: [PATCH 07/20] Add a few FAQ entries for the various ways building OpenSSL on MacOS X can fail, and point at the text in the PROBLEMS file --- FAQ | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/FAQ b/FAQ index 45566252f..410c1da04 100644 --- a/FAQ +++ b/FAQ @@ -40,6 +40,8 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL compilation fail with "ar: command not found"? * Why does the OpenSSL compilation fail on Win32 with VC++? * What is special about OpenSSL on Redhat? +* Why does the OpenSSL compilation fail on MacOS X? +* Why does the OpenSSL test suite fail on MacOS X? [PROG] Questions about programming with OpenSSL @@ -496,6 +498,32 @@ MDC-2: 4,908,861 13/03/2007 IDEA: 5,214,703 25/05/2010 RC5: 5,724,428 03/03/2015 + +* Why does the OpenSSL compilation fail on MacOS X? + +If the failure happens when trying to build the "openssl" binary, with +a large number of undefined symbols, it's very probable that you have +OpenSSL 0.9.6b delivered with the operating system (you can find out by +running '/usr/bin/openssl version') and that you were trying to build +OpenSSL 0.9.7 or newer. The problem is that the loader ('ld') in +MacOS X has a misfeature that's quite difficult to go around. +Look in the file PROBLEMS for a more detailed explanation and for possible +solutions. + + +* Why does the OpenSSL test suite fail on MacOS X? + +If the failure happens when running 'make test' and the RC4 test fails, +it's very probable that you have OpenSSL 0.9.6b delivered with the +operating system (you can find out by running '/usr/bin/openssl version') +and that you were trying to build OpenSSL 0.9.6d. The problem is that +the loader ('ld') in MacOS X has a misfeature that's quite difficult to +go around and has linked the programs "openssl" and the test programs +with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the +libraries you just built. +Look in the file PROBLEMS for a more detailed explanation and for possible +solutions. + [PROG] ======================================================================== * Is OpenSSL thread-safe? From cd4c36adb8cf159a1ea86a3e0b1ff2f222016937 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 13:27:43 +0000 Subject: [PATCH 08/20] Add support for shared libraries with OS/2. PR: 124 --- INSTALL.OS2 | 9 ++++++ crypto/bio/bio.h | 2 ++ crypto/symhacks.h | 2 +- os2/OS2-EMX.cmd | 5 +++ util/libeay.num | 10 +++--- util/mkdef.pl | 46 ++++++++++++++++++++------- util/pl/OS2-EMX.pl | 79 +++++++++++++++++++++++++++++----------------- 7 files changed, 106 insertions(+), 47 deletions(-) diff --git a/INSTALL.OS2 b/INSTALL.OS2 index d4cc0e319..530316db1 100644 --- a/INSTALL.OS2 +++ b/INSTALL.OS2 @@ -20,3 +20,12 @@ If that finishes successfully you will find the libraries and programs in the "out" directory. + + Alternatively, you can make a dynamic build that puts the library code into + crypto.dll and ssl.dll by running + + > make -f os2-emx-dll.mak + + This will build the above mentioned dlls and a matching pair of import + libraries in the "out_dll" directory along with the set of test programs + and the openssl application. diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h index 8aefeac3d..c5caf253c 100644 --- a/crypto/bio/bio.h +++ b/crypto/bio/bio.h @@ -554,7 +554,9 @@ BIO_METHOD *BIO_s_socket(void); BIO_METHOD *BIO_s_connect(void); BIO_METHOD *BIO_s_accept(void); BIO_METHOD *BIO_s_fd(void); +#ifndef OPENSSL_SYS_OS2 BIO_METHOD *BIO_s_log(void); +#endif BIO_METHOD *BIO_s_bio(void); BIO_METHOD *BIO_s_null(void); BIO_METHOD *BIO_f_null(void); diff --git a/crypto/symhacks.h b/crypto/symhacks.h index 21022d951..ff558a43d 100644 --- a/crypto/symhacks.h +++ b/crypto/symhacks.h @@ -249,7 +249,7 @@ /* Case insensiteve linking causes problems.... */ -#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) +#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) #undef ERR_load_CRYPTO_strings #define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings #undef OCSP_crlID_new diff --git a/os2/OS2-EMX.cmd b/os2/OS2-EMX.cmd index 8b2a092c6..acab99ac3 100644 --- a/os2/OS2-EMX.cmd +++ b/os2/OS2-EMX.cmd @@ -5,6 +5,11 @@ perl util\mkfiles.pl > MINFO @rem create make file perl util\mk1mf.pl OS2-EMX > OS2-EMX.mak +perl util\mk1mf.pl dll OS2-EMX > OS2-EMX-DLL.mak + +echo Generating export definition files +perl util\mkdef.pl crypto OS2 > os2\crypto.def +perl util\mkdef.pl ssl OS2 > os2\ssl.def echo Generating x86 for GNU assember diff --git a/util/libeay.num b/util/libeay.num index be0c1926b..2a9745107 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -984,8 +984,8 @@ BIO_ghbn_ctrl 1003 EXIST::FUNCTION: CRYPTO_free_ex_data 1004 EXIST::FUNCTION: CRYPTO_get_ex_data 1005 EXIST::FUNCTION: CRYPTO_set_ex_data 1007 EXIST::FUNCTION: -ERR_load_CRYPTO_strings 1009 EXIST:!VMS,!WIN16:FUNCTION: -ERR_load_CRYPTOlib_strings 1009 EXIST:VMS,WIN16:FUNCTION: +ERR_load_CRYPTO_strings 1009 EXIST:!OS2,!VMS,!WIN16:FUNCTION: +ERR_load_CRYPTOlib_strings 1009 EXIST:OS2,VMS,WIN16:FUNCTION: EVP_PKEY_bits 1010 EXIST::FUNCTION: MD5_Transform 1011 EXIST::FUNCTION:MD5 SHA1_Transform 1012 EXIST::FUNCTION:SHA,SHA1 @@ -1216,7 +1216,7 @@ name_cmp 1239 EXIST::FUNCTION: str_dup 1240 NOEXIST::FUNCTION: i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION: i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION: -BIO_s_log 1243 EXIST:!WIN16,!WIN32,!macintosh:FUNCTION: +BIO_s_log 1243 EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION: BIO_f_reliable 1244 EXIST::FUNCTION:BIO PKCS7_dataFinal 1245 EXIST::FUNCTION: PKCS7_dataDecode 1246 EXIST::FUNCTION: @@ -2732,8 +2732,8 @@ EC_POINT_point2oct 3178 EXIST::FUNCTION:EC KRB5_APREQ_free 3179 EXIST::FUNCTION: ASN1_OBJECT_it 3180 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: ASN1_OBJECT_it 3180 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_crlID_new 3181 EXIST:!VMS,!WIN16:FUNCTION: -OCSP_crlID2_new 3181 EXIST:VMS,WIN16:FUNCTION: +OCSP_crlID_new 3181 EXIST:!OS2,!VMS,!WIN16:FUNCTION: +OCSP_crlID2_new 3181 EXIST:OS2,VMS,WIN16:FUNCTION: CONF_modules_load_file 3182 EXIST::FUNCTION: CONF_imodule_set_usr_data 3183 EXIST::FUNCTION: ENGINE_set_default_string 3184 EXIST::FUNCTION: diff --git a/util/mkdef.pl b/util/mkdef.pl index 9d0979939..64d21242e 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -58,6 +58,7 @@ my $debug=0; my $crypto_num= "util/libeay.num"; my $ssl_num= "util/ssleay.num"; +my $libname; my $do_update = 0; my $do_rewrite = 1; @@ -73,12 +74,13 @@ my $VMS=0; my $W32=0; my $W16=0; my $NT=0; +my $OS2=0; # Set this to make typesafe STACK definitions appear in DEF my $safe_stack_def = 0; my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", "EXPORT_VAR_AS_FUNCTION" ); -my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT" ); +my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", "RIPEMD", @@ -126,11 +128,18 @@ foreach (@ARGV, split(/ /, $options)) $VMSAlpha=1; } $VMS=1 if $_ eq "VMS"; + $OS2=1 if $_ eq "OS2"; $do_ssl=1 if $_ eq "ssleay"; - $do_ssl=1 if $_ eq "ssl"; + if ($_ eq "ssl") { + $do_ssl=1; + $libname=$_ + } $do_crypto=1 if $_ eq "libeay"; - $do_crypto=1 if $_ eq "crypto"; + if ($_ eq "crypto") { + $do_crypto=1; + $libname=$_; + } $do_update=1 if $_ eq "update"; $do_rewrite=1 if $_ eq "rewrite"; $do_ctest=1 if $_ eq "ctest"; @@ -171,8 +180,17 @@ foreach (@ARGV, split(/ /, $options)) } +if (!$libname) { + if ($do_ssl) { + $libname="SSLEAY"; + } + if ($do_crypto) { + $libname="LIBEAY"; + } +} + # If no platform is given, assume WIN32 -if ($W32 + $W16 + $VMS == 0) { +if ($W32 + $W16 + $VMS + $OS2 == 0) { $W32 = 1; } @@ -183,7 +201,7 @@ if ($W16) { if (!$do_ssl && !$do_crypto) { - print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT ]\n"; + print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n"; exit(1); } @@ -307,10 +325,10 @@ EOF } else { - &print_def_file(*STDOUT,"SSLEAY",*ssl_list,@ssl_symbols) + &print_def_file(*STDOUT,$libname,*ssl_list,@ssl_symbols) if $do_ssl == 1; - &print_def_file(*STDOUT,"LIBEAY",*crypto_list,@crypto_symbols) + &print_def_file(*STDOUT,$libname,*crypto_list,@crypto_symbols) if $do_crypto == 1; } @@ -997,6 +1015,7 @@ sub is_valid if ($keyword eq "WIN32" && $W32) { return 1; } if ($keyword eq "WIN16" && $W16) { return 1; } if ($keyword eq "WINNT" && $NT) { return 1; } + if ($keyword eq "OS2" && $OS2) { return 1; } # Special platforms: # EXPORT_VAR_AS_FUNCTION means that global variables # will be represented as functions. This currently @@ -1095,24 +1114,27 @@ sub print_def_file { (*OUT,my $name,*nums,my @symbols)=@_; my $n = 1; my @e; my @r; my @v; my $prev=""; + my $liboptions=""; if ($W32) { $name.="32"; } - else + elsif ($W16) { $name.="16"; } + elsif ($OS2) + { $liboptions = "INITINSTANCE\nDATA NONSHARED"; } print OUT <<"EOF"; ; ; Definition file for the DLL version of the $name library from OpenSSL ; -LIBRARY $name +LIBRARY $name $liboptions DESCRIPTION 'OpenSSL $name - http://www.openssl.org/' EOF - if (!$W32) { + if ($W16) { print <<"EOF"; CODE PRELOAD MOVEABLE DATA PRELOAD MOVEABLE SINGLE @@ -1151,10 +1173,10 @@ EOF print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n"; } $prev = $s2; # To warn about duplicates... - if($v) { + if($v && !$OS2) { printf OUT " %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n; } else { - printf OUT " %s%-39s @%d\n",($W32)?"":"_",$s2,$n; + printf OUT " %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n; } } } diff --git a/util/pl/OS2-EMX.pl b/util/pl/OS2-EMX.pl index 57180556c..d695dda62 100644 --- a/util/pl/OS2-EMX.pl +++ b/util/pl/OS2-EMX.pl @@ -10,18 +10,20 @@ $rm='rm -f'; # C compiler stuff $cc='gcc'; -$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmt -Wall "; +$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall "; +$cflags.="-Zomf " if $shlib; +$shl_cflag="-Zdll"; if ($debug) { $cflags.="-g "; } -$obj='.o'; +$obj=$shlib ? '.obj' : '.o'; $ofile='-o '; # EXE linking stuff $link='${CC}'; -$lflags='${CFLAGS} -Zbsd-signals'; +$lflags='${CFLAGS} -Zbsd-signals -s'; $efile='-o '; $exep='.exe'; $ex_libs="-lsocket"; @@ -30,12 +32,12 @@ $ex_libs="-lsocket"; $mklib='ar r'; $mlflags=''; $ranlib="ar s"; -$plib='lib'; -$libp=".a"; -$shlibp=".a"; +$plib=''; +$libp=$shlib ? ".lib" : ".a"; +$shlibp=$shlib ? ".dll" : ".a"; $lfile=''; -$asm='as'; +$asm=$shlib ? 'as -Zomf' : 'as'; $afile='-o '; $bn_asm_obj=""; $bn_asm_src=""; @@ -46,24 +48,32 @@ $bf_enc_src=""; if (!$no_asm) { - $bn_asm_obj='crypto\bn\asm\bn-os2.o crypto\bn\asm\co-os2.o'; - $bn_asm_src='crypto\bn\asm\bn-os2.asm crypto\bn\asm\co-os2.asm'; - $des_enc_obj='crypto\des\asm\d-os2.o crypto\des\asm\y-os2.o'; - $des_enc_src='crypto\des\asm\d-os2.asm crypto\des\asm\y-os2.asm'; - $bf_enc_obj='crypto\bf\asm\b-os2.o'; - $bf_enc_src='crypto\bf\asm\b-os2.asm'; - $cast_enc_obj='crypto\cast\asm\c-os2.o'; - $cast_enc_src='crypto\cast\asm\c-os2.asm'; - $rc4_enc_obj='crypto\rc4\asm\r4-os2.o'; - $rc4_enc_src='crypto\rc4\asm\r4-os2.asm'; - $rc5_enc_obj='crypto\rc5\asm\r5-os2.o'; - $rc5_enc_src='crypto\rc5\asm\r5-os2.asm'; - $md5_asm_obj='crypto\md5\asm\m5-os2.o'; - $md5_asm_src='crypto\md5\asm\m5-os2.asm'; - $sha1_asm_obj='crypto\sha\asm\s1-os2.o'; - $sha1_asm_src='crypto\sha\asm\s1-os2.asm'; - $rmd160_asm_obj='crypto\ripemd\asm\rm-os2.o'; - $rmd160_asm_src='crypto\ripemd\asm\rm-os2.asm'; + $bn_asm_obj="crypto\\bn\\asm\\bn-os2$obj crypto\\bn\\asm\\co-os2$obj"; + $bn_asm_src="crypto\\bn\\asm\\bn-os2.asm crypto\\bn\\asm\\co-os2.asm"; + $des_enc_obj="crypto\\des\\asm\\d-os2$obj crypto\\des\\asm\\y-os2$obj"; + $des_enc_src="crypto\\des\\asm\\d-os2.asm crypto\\des\\asm\\y-os2.asm"; + $bf_enc_obj="crypto\\bf\\asm\\b-os2$obj"; + $bf_enc_src="crypto\\bf\\asm\\b-os2.asm"; + $cast_enc_obj="crypto\\cast\\asm\\c-os2$obj"; + $cast_enc_src="crypto\\cast\\asm\\c-os2.asm"; + $rc4_enc_obj="crypto\\rc4\\asm\\r4-os2$obj"; + $rc4_enc_src="crypto\\rc4\\asm\\r4-os2.asm"; + $rc5_enc_obj="crypto\\rc5\\asm\\r5-os2$obj"; + $rc5_enc_src="crypto\\rc5\\asm\\r5-os2.asm"; + $md5_asm_obj="crypto\\md5\\asm\\m5-os2$obj"; + $md5_asm_src="crypto\\md5\\asm\\m5-os2.asm"; + $sha1_asm_obj="crypto\\sha\\asm\\s1-os2$obj"; + $sha1_asm_src="crypto\\sha\\asm\\s1-os2.asm"; + $rmd160_asm_obj="crypto\\ripemd\\asm\\rm-os2$obj"; + $rmd160_asm_src="crypto\\ripemd\\asm\\rm-os2.asm"; + } + +if ($shlib) + { + $mlflags.=" $lflags -Zdll"; + $lib_cflag=" -D_DLL"; + $out_def="out_dll"; + $tmp_def="tmp_dll"; } sub do_lib_rule @@ -76,9 +86,20 @@ sub do_lib_rule ($Name=$name) =~ tr/a-z/A-Z/; $ret.="$target: \$(${Name}OBJ)\n"; - $ret.="\t\$(RM) $target\n"; - $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n"; - $ret.="\t\$(RANLIB) $target\n\n"; + if (!$shlib) + { + $ret.="\t\$(RM) $target\n"; + $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n"; + $ret.="\t\$(RANLIB) $target\n\n"; + } + else + { + local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':''; + $ex.=' -lsocket'; + $ret.="\t\$(LINK) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n"; + $ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n"; + $ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n"; + } } sub do_link_rule @@ -89,7 +110,7 @@ sub do_link_rule $file =~ s/\//$o/g if $o ne '/'; $n=&bname($target); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; + $ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n"; return($ret); } From 6643f275e2f91a5ae0418d16497a77b7e58920bd Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Jul 2002 13:33:02 +0000 Subject: [PATCH 09/20] Make mkdir failsafe in case the directories are already present --- util/mk1mf.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 1f8b839e4..866629fe2 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -101,7 +101,7 @@ $out_def="out"; $inc_def="outinc"; $tmp_def="tmp"; -$mkdir="mkdir"; +$mkdir="-mkdir"; ($ssl,$crypto)=("ssl","crypto"); $ranlib="echo ranlib"; From 32bf74e30ee987b6162dc1807d9189a9c45a8795 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 06:34:34 +0000 Subject: [PATCH 10/20] OPENSSL_SYS_WIN32 is important so util/mkdef.pl can detect it --- crypto/rand/rand.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index 16ea8fca0..66e39991e 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -103,7 +103,7 @@ int RAND_egd(const char *path); int RAND_egd_bytes(const char *path,int bytes); int RAND_poll(void); -#if defined(OPENSSL_SYS_WINDOWS) +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) void RAND_screen(void); int RAND_event(UINT, WPARAM, LPARAM); From 9335a5f7c07cf16d3d167edee078b33c8dab725d Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 07:47:30 +0000 Subject: [PATCH 11/20] Unixware doesn't have strings.h, so we need to declare strcasecmp() differently. Unixware 2 needs to link with libresolv. PR: 148 --- Configure | 10 +++++----- apps/apps.c | 6 +++++- apps/ca.c | 6 +++++- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/Configure b/Configure index bf0f5bc0d..c14ecac16 100755 --- a/Configure +++ b/Configure @@ -413,13 +413,13 @@ my %table=( "linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # UnixWare 2.0x fails destest with -O -"unixware-2.0","cc:-DFILIO_H::-Kthread::-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::", -"unixware-2.0-pentium","cc:-DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", +"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", +"unixware-2.0-pentium","cc:-DFILIO_H -DNO_STRINGS_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", # UnixWare 2.1 -"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::", -"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", -"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", +"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::", +"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", +"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread::-lsocket -lnsl -lresolv -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::", # UnixWare 7 "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/apps/apps.c b/apps/apps.c index ac18296e6..40faa02f9 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -129,7 +129,11 @@ #ifdef OPENSSL_SYS_WINDOWS #define strcasecmp _stricmp #else -#include +# ifdef NO_STRINGS_H + int strcasecmp(); +# else +# include +# endif /* NO_STRINGS_H */ #endif #ifdef OPENSSL_SYS_WINDOWS diff --git a/apps/ca.c b/apps/ca.c index 0b3c8a439..db4652069 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -80,7 +80,11 @@ #ifdef OPENSSL_SYS_WINDOWS #define strcasecmp _stricmp #else -#include +# ifdef NO_STRINGS_H + int strcasecmp(); +# else +# include +# endif /* NO_STRINGS_H */ #endif #ifndef W_OK From 8e6cbcd7c0c661016f25f4782fb5f662b4dff140 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 08:47:33 +0000 Subject: [PATCH 12/20] Make S/MIME output conform with the mail and MIME standards. PR: 151 --- apps/smime.c | 6 +++--- crypto/pkcs7/pk7_mime.c | 28 ++++++++++++++-------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/apps/smime.c b/apps/smime.c index 90fe026f5..482bd18e4 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -530,9 +530,9 @@ int MAIN(int argc, char **argv) } else if(operation == SMIME_PK7OUT) { PEM_write_bio_PKCS7(out, p7); } else { - if(to) BIO_printf(out, "To: %s\n", to); - if(from) BIO_printf(out, "From: %s\n", from); - if(subject) BIO_printf(out, "Subject: %s\n", subject); + if(to) BIO_printf(out, "To: %s\r\n", to); + if(from) BIO_printf(out, "From: %s\r\n", from); + if(subject) BIO_printf(out, "Subject: %s\r\n", subject); if(outformat == FORMAT_SMIME) SMIME_write_PKCS7(out, p7, in, flags); else if(outformat == FORMAT_PEM) diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index 086d39427..d5fb9ec8a 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -164,34 +164,34 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) bound[i] = c; } bound[32] = 0; - BIO_printf(bio, "MIME-Version: 1.0\n"); + BIO_printf(bio, "MIME-Version: 1.0\r\n"); BIO_printf(bio, "Content-Type: multipart/signed;"); BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";"); - BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound); + BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\r\n\r\n", bound); BIO_printf(bio, "This is an S/MIME signed message\n\n"); /* Now write out the first part */ - BIO_printf(bio, "------%s\n", bound); - if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n"); + BIO_printf(bio, "------%s\r\n", bound); + if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\r\n\r\n"); while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) BIO_write(bio, linebuf, i); - BIO_printf(bio, "\n------%s\n", bound); + BIO_printf(bio, "\r\n------%s\r\n", bound); /* Headers for signature */ - BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n"); + BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\r\n"); + BIO_printf(bio, "Content-Transfer-Encoding: base64\r\n"); + BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\r\n\r\n"); B64_write_PKCS7(bio, p7); - BIO_printf(bio,"\n------%s--\n\n", bound); + BIO_printf(bio,"\r\n------%s--\r\n\r\n", bound); return 1; } /* MIME headers */ - BIO_printf(bio, "MIME-Version: 1.0\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n"); - BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n"); + BIO_printf(bio, "MIME-Version: 1.0\r\n"); + BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\r\n"); + BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\r\n"); + BIO_printf(bio, "Content-Transfer-Encoding: base64\r\n\r\n"); B64_write_PKCS7(bio, p7); - BIO_printf(bio, "\n"); + BIO_printf(bio, "\r\n"); return 1; } From ca6dde5d3d90d1c04450939fee1ceabec96b8b46 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 10:39:20 +0000 Subject: [PATCH 13/20] Reverse the change with the following log, it needs further investigation: Make S/MIME output conform with the mail and MIME standards. PR: 151 --- apps/smime.c | 6 +++--- crypto/pkcs7/pk7_mime.c | 26 +++++++++++++------------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/apps/smime.c b/apps/smime.c index 482bd18e4..90fe026f5 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -530,9 +530,9 @@ int MAIN(int argc, char **argv) } else if(operation == SMIME_PK7OUT) { PEM_write_bio_PKCS7(out, p7); } else { - if(to) BIO_printf(out, "To: %s\r\n", to); - if(from) BIO_printf(out, "From: %s\r\n", from); - if(subject) BIO_printf(out, "Subject: %s\r\n", subject); + if(to) BIO_printf(out, "To: %s\n", to); + if(from) BIO_printf(out, "From: %s\n", from); + if(subject) BIO_printf(out, "Subject: %s\n", subject); if(outformat == FORMAT_SMIME) SMIME_write_PKCS7(out, p7, in, flags); else if(outformat == FORMAT_PEM) diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index d5fb9ec8a..5100c84b8 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -164,34 +164,34 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) bound[i] = c; } bound[32] = 0; - BIO_printf(bio, "MIME-Version: 1.0\r\n"); + BIO_printf(bio, "MIME-Version: 1.0\n"); BIO_printf(bio, "Content-Type: multipart/signed;"); BIO_printf(bio, " protocol=\"application/x-pkcs7-signature\";"); - BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\r\n\r\n", bound); + BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"\n\n", bound); BIO_printf(bio, "This is an S/MIME signed message\n\n"); /* Now write out the first part */ BIO_printf(bio, "------%s\r\n", bound); - if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\r\n\r\n"); + if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n"); while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) BIO_write(bio, linebuf, i); - BIO_printf(bio, "\r\n------%s\r\n", bound); + BIO_printf(bio, "\n------%s\n", bound); /* Headers for signature */ - BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\r\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\r\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\r\n\r\n"); + BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n"); + BIO_printf(bio, "Content-Transfer-Encoding: base64\n"); + BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n"); B64_write_PKCS7(bio, p7); - BIO_printf(bio,"\r\n------%s--\r\n\r\n", bound); + BIO_printf(bio,"\n------%s--\n\n", bound); return 1; } /* MIME headers */ - BIO_printf(bio, "MIME-Version: 1.0\r\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\r\n"); - BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\r\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\r\n\r\n"); + BIO_printf(bio, "MIME-Version: 1.0\n"); + BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n"); + BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n"); + BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n"); B64_write_PKCS7(bio, p7); - BIO_printf(bio, "\r\n"); + BIO_printf(bio, "\n"); return 1; } From 7e6617611f833385257dcfa11dc5e4d1aedf1591 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 18 Jul 2002 11:23:50 +0000 Subject: [PATCH 14/20] Fix bug introduced with revision 1.95 when this filed was modified to use the new X509_CRL_set_issuer_name() function: The CRL issuer should be X509_get_subject_name(x509), not X509_get_issuer_name(x509). Submitted by: Juergen Lesny typo --- apps/ca.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index db4652069..cbb1a0529 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1454,13 +1454,13 @@ bad: } if ((crldays == 0) && (crlhours == 0)) { - BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n"); + BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n"); goto err; } if (verbose) BIO_printf(bio_err,"making CRL\n"); if ((crl=X509_CRL_new()) == NULL) goto err; - if (!X509_CRL_set_issuer_name(crl, X509_get_issuer_name(x509))) goto err; + if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err; tmptm = ASN1_TIME_new(); if (!tmptm) goto err; From ec9ea6a3c884cdd8498d9fc7093fbe0f070a3037 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 12:37:59 +0000 Subject: [PATCH 15/20] Further enhance assembler support on Cygwin and DJGPP. Make pod2mantest useable on DOS-based systems. Part of PR 75, the rest is still under investigation. --- crypto/perlasm/x86asm.pl | 6 ++++++ util/pod2mantest | 1 + 2 files changed, 7 insertions(+) diff --git a/crypto/perlasm/x86asm.pl b/crypto/perlasm/x86asm.pl index 81c6e64e8..9a3d85b09 100644 --- a/crypto/perlasm/x86asm.pl +++ b/crypto/perlasm/x86asm.pl @@ -87,6 +87,12 @@ $tmp #ifdef OUT #define OK 1 #define ALIGN 4 +#if defined(__CYGWIN__) || defined(__DJGPP__) +#undef SIZE +#undef TYPE +#define SIZE(a,b) +#define TYPE(a,b) +#endif /* __CYGWIN || __DJGPP */ #endif #if defined(BSDI) && !defined(ELF) diff --git a/util/pod2mantest b/util/pod2mantest index 449ef14f1..8e913180c 100755 --- a/util/pod2mantest +++ b/util/pod2mantest @@ -11,6 +11,7 @@ IFS=: +if test "$OSTYPE" = "msdosdjgpp"; then IFS=";"; fi try_without_dir=false # First we try "pod2man", then "$dir/pod2man" for each item in $PATH. for dir in dummy:$PATH; do From 402bcde847371e905ffeb2f9328cf3798ea7cfe7 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 17:59:21 +0000 Subject: [PATCH 16/20] Allow subjects with more than 255 characters to be properly printed. PR: 147 --- apps/apps.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 40faa02f9..a302119d7 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1217,7 +1217,7 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) { - char buf[256]; + char *buf; char mline = 0; int indent = 0; if(title) BIO_puts(out, title); @@ -1226,9 +1226,10 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) indent = 4; } if(lflags == XN_FLAG_COMPAT) { - X509_NAME_oneline(nm,buf,256); - BIO_puts(out,buf); + buf = X509_NAME_oneline(nm, 0, 0); + BIO_puts(out, buf); BIO_puts(out, "\n"); + OPENSSL_free(buf); } else { if(mline) BIO_puts(out, "\n"); X509_NAME_print_ex(out, nm, indent, lflags); From 503f3b1a21903773ba5ae7452a44f379c20e5739 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 18:54:46 +0000 Subject: [PATCH 17/20] Add history for documented new functions. PR: 59 --- doc/crypto/BN_zero.pod | 3 +++ doc/crypto/EVP_DigestInit.pod | 9 +++++++-- doc/crypto/EVP_EncryptInit.pod | 5 +++++ doc/crypto/EVP_SignInit.pod | 2 +- doc/crypto/hmac.pod | 3 +++ doc/crypto/lhash.pod | 5 +++++ 6 files changed, 24 insertions(+), 3 deletions(-) diff --git a/doc/crypto/BN_zero.pod b/doc/crypto/BN_zero.pod index 3c64a6569..b555ec398 100644 --- a/doc/crypto/BN_zero.pod +++ b/doc/crypto/BN_zero.pod @@ -53,4 +53,7 @@ BN_zero(), BN_one() and BN_set_word() are available in all versions of SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in SSLeay 0.8. +BN_value_one() was changed to return a true const BIGNUM * in OpenSSL +0.9.7. + =cut diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod index 064c0fab1..5901c3952 100644 --- a/doc/crypto/EVP_DigestInit.pod +++ b/doc/crypto/EVP_DigestInit.pod @@ -245,7 +245,12 @@ L, L EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are available in all versions of SSLeay and OpenSSL. -EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex() -were added in OpenSSL 0.9.7. +EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(), +EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex() +and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7. + +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), +EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were +changed to return truely const EVP_MD * in OpenSSL 0.9.7. =cut diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod index 371b6a228..75cceb1ca 100644 --- a/doc/crypto/EVP_EncryptInit.pod +++ b/doc/crypto/EVP_EncryptInit.pod @@ -501,4 +501,9 @@ L =head1 HISTORY +EVP_CIPHER_CTX_init(), EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), +EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex(), +EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in +OpenSSL 0.9.7. + =cut diff --git a/doc/crypto/EVP_SignInit.pod b/doc/crypto/EVP_SignInit.pod index f9a76cf4b..b203c3a1c 100644 --- a/doc/crypto/EVP_SignInit.pod +++ b/doc/crypto/EVP_SignInit.pod @@ -91,6 +91,6 @@ L, L EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are available in all versions of SSLeay and OpenSSL. -EVP_SignInit_ex() was added in OpenSSL 0.9.7 +EVP_SignInit_ex() was added in OpenSSL 0.9.7. =cut diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod index 579bf9e8a..3976baf22 100644 --- a/doc/crypto/hmac.pod +++ b/doc/crypto/hmac.pod @@ -96,4 +96,7 @@ L, L HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup() are available since SSLeay 0.9.0. +HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available +since OpenSSL 0.9.7. + =cut diff --git a/doc/crypto/lhash.pod b/doc/crypto/lhash.pod index 0bac11421..dcdbb43a8 100644 --- a/doc/crypto/lhash.pod +++ b/doc/crypto/lhash.pod @@ -286,4 +286,9 @@ lh_error() was added in SSLeay 0.9.1b. This manpage is derived from the SSLeay documentation. +In OpenSSL 0.9.7, all lhash functions that were passed function pointers +were changed for better type safety, and the function types LHASH_COMP_FN_TYPE, +LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE +became available. + =cut From db802c60e32820866bcfadef47e627821aac7442 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Jul 2002 19:10:57 +0000 Subject: [PATCH 18/20] Explain why RSA_check_key() doesn't work with hard keys. PR: 86 --- doc/crypto/RSA_check_key.pod | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/doc/crypto/RSA_check_key.pod b/doc/crypto/RSA_check_key.pod index 79fed753a..5737ecdc3 100644 --- a/doc/crypto/RSA_check_key.pod +++ b/doc/crypto/RSA_check_key.pod @@ -28,12 +28,21 @@ RSA_check_key() returns 1 if B is a valid RSA key, and 0 otherwise. If the key is invalid or an error occurred, the reason code can be obtained using L. +=head1 NOTES + +RSA_check_key() can only check soft keys. If given hard keys, i.e. keys +that were retreived from an ENGINE (with ENGINE_load_private_key()), +RSA_check_key() will always return 0, as if the key was invalid. The +reason is that the private components B

, B and B are normally +not available to OpenSSL for hard keys, and the checks can therefore not +be done. + =head1 SEE ALSO L, L =head1 HISTORY -RSA_check() appeared in OpenSSL 0.9.4. +RSA_check_key() appeared in OpenSSL 0.9.4. =cut From 0af9a89cef9e7ba4f47db9dbe14d2437c0da2dcb Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Thu, 18 Jul 2002 20:59:22 +0000 Subject: [PATCH 19/20] This documentation change was being written at the same time as Richard's changes. So I'm committing this version to overwrite his changes for now, and he can always take his turn to overwrite my words if he wants :-) PR: 86 --- doc/crypto/RSA_check_key.pod | 33 ++++++++++++++++++++++++++------- 1 file changed, 26 insertions(+), 7 deletions(-) diff --git a/doc/crypto/RSA_check_key.pod b/doc/crypto/RSA_check_key.pod index 5737ecdc3..3d824a07f 100644 --- a/doc/crypto/RSA_check_key.pod +++ b/doc/crypto/RSA_check_key.pod @@ -18,7 +18,9 @@ in fact prime, and that B. It also checks that B, and that B, B and B are set correctly or are B. -The key's public components may not be B. +As such, this function can not be used with any arbitrary RSA key object, +even if it is otherwise fit for regular RSA operation. See B for more +information. =head1 RETURN VALUE @@ -30,12 +32,29 @@ obtained using L. =head1 NOTES -RSA_check_key() can only check soft keys. If given hard keys, i.e. keys -that were retreived from an ENGINE (with ENGINE_load_private_key()), -RSA_check_key() will always return 0, as if the key was invalid. The -reason is that the private components B

, B and B are normally -not available to OpenSSL for hard keys, and the checks can therefore not -be done. +This function does not work on RSA public keys that have only the modulus +and public exponent elements populated. It performs integrity checks on all +the RSA key material, so the RSA key structure must contain all the private +key data too. + +Unlike most other RSA functions, this function does B work +transparently with any underlying ENGINE implementation because it uses the +key data in the RSA structure directly. An ENGINE implementation can +override the way key data is stored and handled, and can even provide +support for HSM keys - in which case the RSA structure may contain B +key data at all! If the ENGINE in question is only being used for +acceleration or analysis purposes, then in all likelihood the RSA key data +is complete and untouched, but this can't be assumed in the general case. + +=head1 BUGS + +A method of verifying the RSA key using opaque RSA API functions might need +to be considered. Right now RSA_check_key() simply uses the RSA structure +elements directly, bypassing the RSA_METHOD table altogether (and +completely violating encapsulation and object-orientation in the process). +The best fix will probably be to introduce a "check_key()" handler to the +RSA_METHOD function table so that alternative implementations can also +provide their own verifiers. =head1 SEE ALSO From 02b7ec88bb798326d2bdae41c549bebeabc8759f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lutz=20J=C3=A4nicke?= Date: Fri, 19 Jul 2002 11:05:50 +0000 Subject: [PATCH 20/20] =?UTF-8?q?Manual=20page=20for=20SSL=5Fdo=5Fhandshak?= =?UTF-8?q?e().=20Submitted=20by:=20Martin=20Sj=C3=B6gren=20=20PR:=20137?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/ssl/SSL_accept.pod | 1 + doc/ssl/SSL_connect.pod | 1 + doc/ssl/SSL_do_handshake.pod | 75 +++++++++++++++++++++++++++++++ doc/ssl/SSL_set_connect_state.pod | 1 + doc/ssl/ssl.pod | 1 + 5 files changed, 79 insertions(+) create mode 100644 doc/ssl/SSL_do_handshake.pod diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod index ac6caf9ba..a673edba8 100644 --- a/doc/ssl/SSL_accept.pod +++ b/doc/ssl/SSL_accept.pod @@ -69,6 +69,7 @@ to find out the reason. L, L, L, L, L, L, +L, L =cut diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod index 766f1876a..8426310c0 100644 --- a/doc/ssl/SSL_connect.pod +++ b/doc/ssl/SSL_connect.pod @@ -66,6 +66,7 @@ to find out the reason. L, L, L, L, L, L, +L, L =cut diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod new file mode 100644 index 000000000..243576451 --- /dev/null +++ b/doc/ssl/SSL_do_handshake.pod @@ -0,0 +1,75 @@ +=pod + +=head1 NAME + +SSL_do_handshake - perform a TLS/SSL handshake + +=head1 SYNOPSIS + + #include + + int SSL_do_handshake(SSL *ssl); + +=head1 DESCRIPTION + +SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the +connection is in client mode, the handshake will be started. The handshake +routines may have to be explicitly set in advance using either +L or +L. + +=head1 NOTES + +The behaviour of SSL_do_handshake() depends on the underlying BIO. + +If the underlying BIO is B, SSL_do_handshake() will only return +once the handshake has been finished or an error occurred, except for SGC +(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1, +but SSL_get_error() will yield B and +SSL_do_handshake() should be called again. + +If the underlying BIO is B, SSL_do_handshake() will also return +when the underlying BIO could not satisfy the needs of SSL_do_handshake() +to continue the handshake. In this case a call to SSL_get_error() with the +return value of SSL_do_handshake() will yield B or +B. The calling process then must repeat the call after +taking appropriate action to satisfy the needs of SSL_do_handshake(). +The action depends on the underlying BIO. When using a non-blocking socket, +nothing is to be done, but select() can be used to check for the required +condition. When using a buffering BIO, like a BIO pair, data must be written +into or retrieved out of the BIO before being able to continue. + +=head1 RETURN VALUES + +The following return values can occur: + +=over 4 + +=item 1 + +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been +established. + +=item 0 + +The TLS/SSL handshake was not successful but was shut down controlled and +by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the +return value B to find out the reason. + +=item E0 + +The TLS/SSL handshake was not successful because a fatal error occurred either +at the protocol level or a connection failure occurred. The shutdown was +not clean. It can also occur of action is need to continue the operation +for non-blocking BIOs. Call SSL_get_error() with the return value B +to find out the reason. + +=back + +=head1 SEE ALSO + +L, L, +L, L, L, +L + +=cut diff --git a/doc/ssl/SSL_set_connect_state.pod b/doc/ssl/SSL_set_connect_state.pod index 7adf8adfe..d88a057de 100644 --- a/doc/ssl/SSL_set_connect_state.pod +++ b/doc/ssl/SSL_set_connect_state.pod @@ -49,6 +49,7 @@ information. L, L, L, L, L, L, L, +L, L =cut diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index d0525582b..1471e0312 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -693,6 +693,7 @@ L, L, L, L, +L, L, L, L,