Compare commits
2 Commits
OpenSSL-en
...
OpenSSL_0_
| Author | SHA1 | Date | |
|---|---|---|---|
|
690dba1a9f | ||
|
|
9beaae61ec |
938
CHANGES
938
CHANGES
@@ -2,937 +2,7 @@
|
||||
OpenSSL CHANGES
|
||||
_______________
|
||||
|
||||
Changes between 0.9.6f and 0.9.6g [9 Aug 2002]
|
||||
|
||||
*) [In 0.9.6g-engine release:]
|
||||
Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall').
|
||||
[Lynn Gazis <lgazis@rainbow.com>]
|
||||
|
||||
Changes between 0.9.6e and 0.9.6f [8 Aug 2002]
|
||||
|
||||
*) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
|
||||
and get fix the header length calculation.
|
||||
[Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
|
||||
Alon Kantor <alonk@checkpoint.com> (and others),
|
||||
Steve Henson]
|
||||
|
||||
*) Use proper error handling instead of 'assertions' in buffer
|
||||
overflow checks added in 0.9.6e. This prevents DoS (the
|
||||
assertions could call abort()).
|
||||
[Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
|
||||
|
||||
Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
|
||||
|
||||
*) Fix cipher selection routines: ciphers without encryption had no flags
|
||||
for the cipher strength set and where therefore not handled correctly
|
||||
by the selection routines (PR #130).
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix EVP_dsa_sha macro.
|
||||
[Nils Larsch]
|
||||
|
||||
*) New option
|
||||
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
|
||||
for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
|
||||
that was added in OpenSSL 0.9.6d.
|
||||
|
||||
As the countermeasure turned out to be incompatible with some
|
||||
broken SSL implementations, the new option is part of SSL_OP_ALL.
|
||||
SSL_OP_ALL is usually employed when compatibility with weird SSL
|
||||
implementations is desired (e.g. '-bugs' option to 's_client' and
|
||||
's_server'), so the new option is automatically set in many
|
||||
applications.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Changes in security patch:
|
||||
|
||||
Changes marked "(CHATS)" were sponsored by the Defense Advanced
|
||||
Research Projects Agency (DARPA) and Air Force Research Laboratory,
|
||||
Air Force Materiel Command, USAF, under agreement number
|
||||
F30602-01-2-0537.
|
||||
|
||||
*) Add various sanity checks to asn1_get_length() to reject
|
||||
the ASN1 length bytes if they exceed sizeof(long), will appear
|
||||
negative or the content length exceeds the length of the
|
||||
supplied buffer.
|
||||
[Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
|
||||
|
||||
*) Assertions for various potential buffer overflows, not known to
|
||||
happen in practice.
|
||||
[Ben Laurie (CHATS)]
|
||||
|
||||
*) Various temporary buffers to hold ASCII versions of integers were
|
||||
too small for 64 bit platforms. (CAN-2002-0655)
|
||||
[Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
|
||||
|
||||
*) Remote buffer overflow in SSL3 protocol - an attacker could
|
||||
supply an oversized session ID to a client. (CAN-2002-0656)
|
||||
[Ben Laurie (CHATS)]
|
||||
|
||||
*) Remote buffer overflow in SSL2 protocol - an attacker could
|
||||
supply an oversized client master key. (CAN-2002-0656)
|
||||
[Ben Laurie (CHATS)]
|
||||
|
||||
Changes between 0.9.6c and 0.9.6d [9 May 2002]
|
||||
|
||||
*) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
|
||||
encoded as NULL) with id-dsa-with-sha1.
|
||||
[Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller]
|
||||
|
||||
*) Check various X509_...() return values in apps/req.c.
|
||||
[Nils Larsch <nla@trustcenter.de>]
|
||||
|
||||
*) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
|
||||
an end-of-file condition would erronously be flagged, when the CRLF
|
||||
was just at the end of a processed block. The bug was discovered when
|
||||
processing data through a buffering memory BIO handing the data to a
|
||||
BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov
|
||||
<ptsekov@syntrex.com> and Nedelcho Stanev.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Implement a countermeasure against a vulnerability recently found
|
||||
in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
|
||||
before application data chunks to avoid the use of known IVs
|
||||
with data potentially chosen by the attacker.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix length checks in ssl3_get_client_hello().
|
||||
[Bodo Moeller]
|
||||
|
||||
*) TLS/SSL library bugfix: use s->s3->in_read_app_data differently
|
||||
to prevent ssl3_read_internal() from incorrectly assuming that
|
||||
ssl3_read_bytes() found application data while handshake
|
||||
processing was enabled when in fact s->s3->in_read_app_data was
|
||||
merely automatically cleared during the initial handshake.
|
||||
[Bodo Moeller; problem pointed out by Arne Ansper <arne@ats.cyber.ee>]
|
||||
|
||||
*) Fix object definitions for Private and Enterprise: they were not
|
||||
recognized in their shortname (=lowercase) representation. Extend
|
||||
obj_dat.pl to issue an error when using undefined keywords instead
|
||||
of silently ignoring the problem (Svenning Sorensen
|
||||
<sss@sss.dnsalias.net>).
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix DH_generate_parameters() so that it works for 'non-standard'
|
||||
generators, i.e. generators other than 2 and 5. (Previously, the
|
||||
code did not properly initialise the 'add' and 'rem' values to
|
||||
BN_generate_prime().)
|
||||
|
||||
In the new general case, we do not insist that 'generator' is
|
||||
actually a primitive root: This requirement is rather pointless;
|
||||
a generator of the order-q subgroup is just as good, if not
|
||||
better.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Map new X509 verification errors to alerts. Discovered and submitted by
|
||||
Tom Wu <tom@arcot.com>.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from
|
||||
returning non-zero before the data has been completely received
|
||||
when using non-blocking I/O.
|
||||
[Bodo Moeller; problem pointed out by John Hughes]
|
||||
|
||||
*) Some of the ciphers missed the strength entry (SSL_LOW etc).
|
||||
[Ben Laurie, Lutz Jaenicke]
|
||||
|
||||
*) Fix bug in SSL_clear(): bad sessions were not removed (found by
|
||||
Yoram Zahavi <YoramZ@gilian.com>).
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Add information about CygWin 1.3 and on, and preserve proper
|
||||
configuration for the versions before that.
|
||||
[Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
|
||||
|
||||
*) Make removal from session cache (SSL_CTX_remove_session()) more robust:
|
||||
check whether we deal with a copy of a session and do not delete from
|
||||
the cache in this case. Problem reported by "Izhar Shoshani Levi"
|
||||
<izhar@checkpoint.com>.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Do not store session data into the internal session cache, if it
|
||||
is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
|
||||
flag is set). Proposed by Aslam <aslam@funk.com>.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
|
||||
value is 0.
|
||||
[Richard Levitte]
|
||||
|
||||
*) [In 0.9.6c-engine release:]
|
||||
Fix a crashbug and a logic bug in hwcrhk_load_pubkey()
|
||||
[Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
|
||||
|
||||
*) Add the configuration target linux-s390x.
|
||||
[Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
|
||||
|
||||
*) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
|
||||
ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
|
||||
variable as an indication that a ClientHello message has been
|
||||
received. As the flag value will be lost between multiple
|
||||
invocations of ssl3_accept when using non-blocking I/O, the
|
||||
function may not be aware that a handshake has actually taken
|
||||
place, thus preventing a new session from being added to the
|
||||
session cache.
|
||||
|
||||
To avoid this problem, we now set s->new_session to 2 instead of
|
||||
using a local variable.
|
||||
[Lutz Jaenicke, Bodo Moeller]
|
||||
|
||||
*) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
|
||||
if the SSL_R_LENGTH_MISMATCH error is detected.
|
||||
[Geoff Thorpe, Bodo Moeller]
|
||||
|
||||
*) New 'shared_ldflag' column in Configure platform table.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Fix EVP_CIPHER_mode macro.
|
||||
["Dan S. Camper" <dan@bti.net>]
|
||||
|
||||
*) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
|
||||
type, we must throw them away by setting rr->length to 0.
|
||||
[D P Chang <dpc@qualys.com>]
|
||||
|
||||
Changes between 0.9.6b and 0.9.6c [21 dec 2001]
|
||||
|
||||
*) Fix BN_rand_range bug pointed out by Dominikus Scherkl
|
||||
<Dominikus.Scherkl@biodata.com>. (The previous implementation
|
||||
worked incorrectly for those cases where range = 10..._2 and
|
||||
3*range is two bits longer than range.)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Only add signing time to PKCS7 structures if it is not already
|
||||
present.
|
||||
[Steve Henson]
|
||||
|
||||
*) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
|
||||
OBJ_ld_ce should be OBJ_id_ce.
|
||||
Also some ip-pda OIDs in crypto/objects/objects.txt were
|
||||
incorrect (cf. RFC 3039).
|
||||
[Matt Cooper, Frederic Giudicelli, Bodo Moeller]
|
||||
|
||||
*) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
|
||||
returns early because it has nothing to do.
|
||||
[Andy Schneider <andy.schneider@bjss.co.uk>]
|
||||
|
||||
*) [In 0.9.6c-engine release:]
|
||||
Fix mutex callback return values in crypto/engine/hw_ncipher.c.
|
||||
[Andy Schneider <andy.schneider@bjss.co.uk>]
|
||||
|
||||
*) [In 0.9.6c-engine release:]
|
||||
Add support for Cryptographic Appliance's keyserver technology.
|
||||
(Use engine 'keyclient')
|
||||
[Cryptographic Appliances and Geoff Thorpe]
|
||||
|
||||
*) Add a configuration entry for OS/390 Unix. The C compiler 'c89'
|
||||
is called via tools/c89.sh because arguments have to be
|
||||
rearranged (all '-L' options must appear before the first object
|
||||
modules).
|
||||
[Richard Shapiro <rshapiro@abinitio.com>]
|
||||
|
||||
*) [In 0.9.6c-engine release:]
|
||||
Add support for Broadcom crypto accelerator cards, backported
|
||||
from 0.9.7.
|
||||
[Broadcom, Nalin Dahyabhai <nalin@redhat.com>, Mark Cox]
|
||||
|
||||
*) [In 0.9.6c-engine release:]
|
||||
Add support for SureWare crypto accelerator cards from
|
||||
Baltimore Technologies. (Use engine 'sureware')
|
||||
[Baltimore Technologies and Mark Cox]
|
||||
|
||||
*) [In 0.9.6c-engine release:]
|
||||
Add support for crypto accelerator cards from Accelerated
|
||||
Encryption Processing, www.aep.ie. (Use engine 'aep')
|
||||
[AEP Inc. and Mark Cox]
|
||||
|
||||
*) Add a configuration entry for gcc on UnixWare.
|
||||
[Gary Benson <gbenson@redhat.com>]
|
||||
|
||||
*) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
|
||||
messages are stored in a single piece (fixed-length part and
|
||||
variable-length part combined) and fix various bugs found on the way.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
|
||||
instead. BIO_gethostbyname() does not know what timeouts are
|
||||
appropriate, so entries would stay in cache even when they have
|
||||
become invalid.
|
||||
[Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com>
|
||||
|
||||
*) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
|
||||
faced with a pathologically small ClientHello fragment that does
|
||||
not contain client_version: Instead of aborting with an error,
|
||||
simply choose the highest available protocol version (i.e.,
|
||||
TLS 1.0 unless it is disabled). In practice, ClientHello
|
||||
messages are never sent like this, but this change gives us
|
||||
strictly correct behaviour at least for TLS.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
|
||||
never resets s->method to s->ctx->method when called from within
|
||||
one of the SSL handshake functions.
|
||||
[Bodo Moeller; problem pointed out by Niko Baric]
|
||||
|
||||
*) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
|
||||
(sent using the client's version number) if client_version is
|
||||
smaller than the protocol version in use. Also change
|
||||
ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
|
||||
the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
|
||||
the client will at least see that alert.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
|
||||
correctly.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
|
||||
client receives HelloRequest while in a handshake.
|
||||
[Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>]
|
||||
|
||||
*) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
|
||||
should end in 'break', not 'goto end' which circuments various
|
||||
cleanups done in state SSL_ST_OK. But session related stuff
|
||||
must be disabled for SSL_ST_OK in the case that we just sent a
|
||||
HelloRequest.
|
||||
|
||||
Also avoid some overhead by not calling ssl_init_wbio_buffer()
|
||||
before just sending a HelloRequest.
|
||||
[Bodo Moeller, Eric Rescorla <ekr@rtfm.com>]
|
||||
|
||||
*) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
|
||||
reveal whether illegal block cipher padding was found or a MAC
|
||||
verification error occured. (Neither SSLerr() codes nor alerts
|
||||
are directly visible to potential attackers, but the information
|
||||
may leak via logfiles.)
|
||||
|
||||
Similar changes are not required for the SSL 2.0 implementation
|
||||
because the number of padding bytes is sent in clear for SSL 2.0,
|
||||
and the extra bytes are just ignored. However ssl/s2_pkt.c
|
||||
failed to verify that the purported number of padding bytes is in
|
||||
the legal range.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add OpenUNIX-8 support including shared libraries
|
||||
(Boyd Lynn Gerber <gerberb@zenez.com>).
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
|
||||
'wristwatch attack' using huge encoding parameters (cf.
|
||||
James H. Manger's CRYPTO 2001 paper). Note that the
|
||||
RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
|
||||
encoding parameters and hence was not vulnerable.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) BN_sqr() bug fix.
|
||||
[Ulf M<>ller, reported by Jim Ellis <jim.ellis@cavium.com>]
|
||||
|
||||
*) Rabin-Miller test analyses assume uniformly distributed witnesses,
|
||||
so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
|
||||
followed by modular reduction.
|
||||
[Bodo Moeller; pointed out by Adam Young <AYoung1@NCSUS.JNJ.COM>]
|
||||
|
||||
*) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
|
||||
equivalent based on BN_pseudo_rand() instead of BN_rand().
|
||||
[Bodo Moeller]
|
||||
|
||||
*) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
|
||||
This function was broken, as the check for a new client hello message
|
||||
to handle SGC did not allow these large messages.
|
||||
(Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
|
||||
for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Rework the configuration and shared library support for Tru64 Unix.
|
||||
The configuration part makes use of modern compiler features and
|
||||
still retains old compiler behavior for those that run older versions
|
||||
of the OS. The shared library support part includes a variant that
|
||||
uses the RPATH feature, and is available through the special
|
||||
configuration target "alpha-cc-rpath", which will never be selected
|
||||
automatically.
|
||||
[Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]
|
||||
|
||||
*) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
|
||||
with the same message size as in ssl3_get_certificate_request().
|
||||
Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
|
||||
messages might inadvertently be reject as too long.
|
||||
[Petr Lampa <lampa@fee.vutbr.cz>]
|
||||
|
||||
*) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
|
||||
[Andy Polyakov]
|
||||
|
||||
*) Modified SSL library such that the verify_callback that has been set
|
||||
specificly for an SSL object with SSL_set_verify() is actually being
|
||||
used. Before the change, a verify_callback set with this function was
|
||||
ignored and the verify_callback() set in the SSL_CTX at the time of
|
||||
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
|
||||
to allow the necessary settings.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
|
||||
explicitly to NULL, as at least on Solaris 8 this seems not always to be
|
||||
done automatically (in contradiction to the requirements of the C
|
||||
standard). This made problems when used from OpenSSH.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
|
||||
dh->length and always used
|
||||
|
||||
BN_rand_range(priv_key, dh->p).
|
||||
|
||||
BN_rand_range() is not necessary for Diffie-Hellman, and this
|
||||
specific range makes Diffie-Hellman unnecessarily inefficient if
|
||||
dh->length (recommended exponent length) is much smaller than the
|
||||
length of dh->p. We could use BN_rand_range() if the order of
|
||||
the subgroup was stored in the DH structure, but we only have
|
||||
dh->length.
|
||||
|
||||
So switch back to
|
||||
|
||||
BN_rand(priv_key, l, ...)
|
||||
|
||||
where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
|
||||
otherwise.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) In
|
||||
|
||||
RSA_eay_public_encrypt
|
||||
RSA_eay_private_decrypt
|
||||
RSA_eay_private_encrypt (signing)
|
||||
RSA_eay_public_decrypt (signature verification)
|
||||
|
||||
(default implementations for RSA_public_encrypt,
|
||||
RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
|
||||
always reject numbers >= n.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
|
||||
to synchronize access to 'locking_thread'. This is necessary on
|
||||
systems where access to 'locking_thread' (an 'unsigned long'
|
||||
variable) is not atomic.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
|
||||
*before* setting the 'crypto_lock_rand' flag. The previous code had
|
||||
a race condition if 0 is a valid thread ID.
|
||||
[Travis Vitek <vitek@roguewave.com>]
|
||||
|
||||
*) Add support for shared libraries under Irix.
|
||||
[Albert Chin-A-Young <china@thewrittenword.com>]
|
||||
|
||||
*) Add configuration option to build on Linux on both big-endian and
|
||||
little-endian MIPS.
|
||||
[Ralf Baechle <ralf@uni-koblenz.de>]
|
||||
|
||||
*) Add the possibility to create shared libraries on HP-UX.
|
||||
[Richard Levitte]
|
||||
|
||||
Changes between 0.9.6a and 0.9.6b [9 Jul 2001]
|
||||
|
||||
*) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
|
||||
to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
|
||||
Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
|
||||
PRNG state recovery was possible based on the output of
|
||||
one PRNG request appropriately sized to gain knowledge on
|
||||
'md' followed by enough consecutive 1-byte PRNG requests
|
||||
to traverse all of 'state'.
|
||||
|
||||
1. When updating 'md_local' (the current thread's copy of 'md')
|
||||
during PRNG output generation, hash all of the previous
|
||||
'md_local' value, not just the half used for PRNG output.
|
||||
|
||||
2. Make the number of bytes from 'state' included into the hash
|
||||
independent from the number of PRNG bytes requested.
|
||||
|
||||
The first measure alone would be sufficient to avoid
|
||||
Markku-Juhani's attack. (Actually it had never occurred
|
||||
to me that the half of 'md_local' used for chaining was the
|
||||
half from which PRNG output bytes were taken -- I had always
|
||||
assumed that the secret half would be used.) The second
|
||||
measure makes sure that additional data from 'state' is never
|
||||
mixed into 'md_local' in small portions; this heuristically
|
||||
further strengthens the PRNG.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix crypto/bn/asm/mips3.s.
|
||||
[Andy Polyakov]
|
||||
|
||||
*) When only the key is given to "enc", the IV is undefined. Print out
|
||||
an error message in this case.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Handle special case when X509_NAME is empty in X509 printing routines.
|
||||
[Steve Henson]
|
||||
|
||||
*) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
|
||||
positive and less than q.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
|
||||
used: it isn't thread safe and the add_lock_callback should handle
|
||||
that itself.
|
||||
[Paul Rose <Paul.Rose@bridge.com>]
|
||||
|
||||
*) Verify that incoming data obeys the block size in
|
||||
ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix OAEP check.
|
||||
[Ulf M<>ller, Bodo M<>ller]
|
||||
|
||||
*) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
|
||||
RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
|
||||
when fixing the server behaviour for backwards-compatible 'client
|
||||
hello' messages. (Note that the attack is impractical against
|
||||
SSL 3.0 and TLS 1.0 anyway because length and version checking
|
||||
means that the probability of guessing a valid ciphertext is
|
||||
around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
|
||||
paper.)
|
||||
|
||||
Before 0.9.5, the countermeasure (hide the error by generating a
|
||||
random 'decryption result') did not work properly because
|
||||
ERR_clear_error() was missing, meaning that SSL_get_error() would
|
||||
detect the supposedly ignored error.
|
||||
|
||||
Both problems are now fixed.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
|
||||
(previously it was 1024).
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix for compatibility mode trust settings: ignore trust settings
|
||||
unless some valid trust or reject settings are present.
|
||||
[Steve Henson]
|
||||
|
||||
*) Fix for blowfish EVP: its a variable length cipher.
|
||||
[Steve Henson]
|
||||
|
||||
*) Fix various bugs related to DSA S/MIME verification. Handle missing
|
||||
parameters in DSA public key structures and return an error in the
|
||||
DSA routines if parameters are absent.
|
||||
[Steve Henson]
|
||||
|
||||
*) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
|
||||
in the current directory if neither $RANDFILE nor $HOME was set.
|
||||
RAND_file_name() in 0.9.6a returned NULL in this case. This has
|
||||
caused some confusion to Windows users who haven't defined $HOME.
|
||||
Thus RAND_file_name() is changed again: e_os.h can define a
|
||||
DEFAULT_HOME, which will be used if $HOME is not set.
|
||||
For Windows, we use "C:"; on other platforms, we still require
|
||||
environment variables.
|
||||
|
||||
*) Move 'if (!initialized) RAND_poll()' into regions protected by
|
||||
CRYPTO_LOCK_RAND. This is not strictly necessary, but avoids
|
||||
having multiple threads call RAND_poll() concurrently.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
|
||||
combination of a flag and a thread ID variable.
|
||||
Otherwise while one thread is in ssleay_rand_bytes (which sets the
|
||||
flag), *other* threads can enter ssleay_add_bytes without obeying
|
||||
the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
|
||||
that they do not hold after the first thread unsets add_do_not_lock).
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Change bctest again: '-x' expressions are not available in all
|
||||
versions of 'test'.
|
||||
[Bodo Moeller]
|
||||
|
||||
Changes between 0.9.6 and 0.9.6a [5 Apr 2001]
|
||||
|
||||
*) Fix a couple of memory leaks in PKCS7_dataDecode()
|
||||
[Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]
|
||||
|
||||
*) Change Configure and Makefiles to provide EXE_EXT, which will contain
|
||||
the default extension for executables, if any. Also, make the perl
|
||||
scripts that use symlink() to test if it really exists and use "cp"
|
||||
if it doesn't. All this made OpenSSL compilable and installable in
|
||||
CygWin.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Fix for asn1_GetSequence() for indefinite length constructed data.
|
||||
If SEQUENCE is length is indefinite just set c->slen to the total
|
||||
amount of data available.
|
||||
[Steve Henson, reported by shige@FreeBSD.org]
|
||||
[This change does not apply to 0.9.7.]
|
||||
|
||||
*) Change bctest to avoid here-documents inside command substitution
|
||||
(workaround for FreeBSD /bin/sh bug).
|
||||
For compatibility with Ultrix, avoid shell functions (introduced
|
||||
in the bctest version that searches along $PATH).
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes
|
||||
with des_encrypt() defined on some operating systems, like Solaris
|
||||
and UnixWare.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
|
||||
On the Importance of Eliminating Errors in Cryptographic
|
||||
Computations, J. Cryptology 14 (2001) 2, 101-119,
|
||||
http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
|
||||
[Ulf Moeller]
|
||||
|
||||
*) MIPS assembler BIGNUM division bug fix.
|
||||
[Andy Polyakov]
|
||||
|
||||
*) Disabled incorrect Alpha assembler code.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Fix PKCS#7 decode routines so they correctly update the length
|
||||
after reading an EOC for the EXPLICIT tag.
|
||||
[Steve Henson]
|
||||
[This change does not apply to 0.9.7.]
|
||||
|
||||
*) Fix bug in PKCS#12 key generation routines. This was triggered
|
||||
if a 3DES key was generated with a 0 initial byte. Include
|
||||
PKCS12_BROKEN_KEYGEN compilation option to retain the old
|
||||
(but broken) behaviour.
|
||||
[Steve Henson]
|
||||
|
||||
*) Enhance bctest to search for a working bc along $PATH and print
|
||||
it when found.
|
||||
[Tim Rice <tim@multitalents.net> via Richard Levitte]
|
||||
|
||||
*) Fix memory leaks in err.c: free err_data string if necessary;
|
||||
don't write to the wrong index in ERR_set_error_data.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Implement ssl23_peek (analogous to ssl23_read), which previously
|
||||
did not exist.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Replace rdtsc with _emit statements for VC++ version 5.
|
||||
[Jeremy Cooper <jeremy@baymoo.org>]
|
||||
|
||||
*) Make it possible to reuse SSLv2 sessions.
|
||||
[Richard Levitte]
|
||||
|
||||
*) In copy_email() check for >= 0 as a return value for
|
||||
X509_NAME_get_index_by_NID() since 0 is a valid index.
|
||||
[Steve Henson reported by Massimiliano Pala <madwolf@opensca.org>]
|
||||
|
||||
*) Avoid coredump with unsupported or invalid public keys by checking if
|
||||
X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
|
||||
PKCS7_verify() fails with non detached data.
|
||||
[Steve Henson]
|
||||
|
||||
*) Don't use getenv in library functions when run as setuid/setgid.
|
||||
New function OPENSSL_issetugid().
|
||||
[Ulf Moeller]
|
||||
|
||||
*) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
|
||||
due to incorrect handling of multi-threading:
|
||||
|
||||
1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
|
||||
|
||||
2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
|
||||
|
||||
3. Count how many times MemCheck_off() has been called so that
|
||||
nested use can be treated correctly. This also avoids
|
||||
inband-signalling in the previous code (which relied on the
|
||||
assumption that thread ID 0 is impossible).
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add "-rand" option also to s_client and s_server.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix CPU detection on Irix 6.x.
|
||||
[Kurt Hockenbury <khockenb@stevens-tech.edu> and
|
||||
"Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
|
||||
|
||||
*) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
|
||||
was empty.
|
||||
[Steve Henson]
|
||||
[This change does not apply to 0.9.7.]
|
||||
|
||||
*) Use the cached encoding of an X509_NAME structure rather than
|
||||
copying it. This is apparently the reason for the libsafe "errors"
|
||||
but the code is actually correct.
|
||||
[Steve Henson]
|
||||
|
||||
*) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
|
||||
Bleichenbacher's DSA attack.
|
||||
Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
|
||||
to be set and top=0 forces the highest bit to be set; top=-1 is new
|
||||
and leaves the highest bit random.
|
||||
[Ulf Moeller, Bodo Moeller]
|
||||
|
||||
*) In the NCONF_...-based implementations for CONF_... queries
|
||||
(crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
|
||||
a temporary CONF structure with the data component set to NULL
|
||||
(which gives segmentation faults in lh_retrieve).
|
||||
Instead, use NULL for the CONF pointer in CONF_get_string and
|
||||
CONF_get_number (which may use environment variables) and directly
|
||||
return NULL from CONF_get_section.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix potential buffer overrun for EBCDIC.
|
||||
[Ulf Moeller]
|
||||
|
||||
*) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
|
||||
keyUsage if basicConstraints absent for a CA.
|
||||
[Steve Henson]
|
||||
|
||||
*) Make SMIME_write_PKCS7() write mail header values with a format that
|
||||
is more generally accepted (no spaces before the semicolon), since
|
||||
some programs can't parse those values properly otherwise. Also make
|
||||
sure BIO's that break lines after each write do not create invalid
|
||||
headers.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Make the CRL encoding routines work with empty SEQUENCE OF. The
|
||||
macros previously used would not encode an empty SEQUENCE OF
|
||||
and break the signature.
|
||||
[Steve Henson]
|
||||
[This change does not apply to 0.9.7.]
|
||||
|
||||
*) Zero the premaster secret after deriving the master secret in
|
||||
DH ciphersuites.
|
||||
[Steve Henson]
|
||||
|
||||
*) Add some EVP_add_digest_alias registrations (as found in
|
||||
OpenSSL_add_all_digests()) to SSL_library_init()
|
||||
aka OpenSSL_add_ssl_algorithms(). This provides improved
|
||||
compatibility with peers using X.509 certificates
|
||||
with unconventional AlgorithmIdentifier OIDs.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix for Irix with NO_ASM.
|
||||
["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
|
||||
|
||||
*) ./config script fixes.
|
||||
[Ulf Moeller, Richard Levitte]
|
||||
|
||||
*) Fix 'openssl passwd -1'.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Change PKCS12_key_gen_asc() so it can cope with non null
|
||||
terminated strings whose length is passed in the passlen
|
||||
parameter, for example from PEM callbacks. This was done
|
||||
by adding an extra length parameter to asc2uni().
|
||||
[Steve Henson, reported by <oddissey@samsung.co.kr>]
|
||||
|
||||
*) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
|
||||
call failed, free the DSA structure.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix to uni2asc() to cope with zero length Unicode strings.
|
||||
These are present in some PKCS#12 files.
|
||||
[Steve Henson]
|
||||
|
||||
*) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
|
||||
Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
|
||||
when writing a 32767 byte record.
|
||||
[Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
|
||||
|
||||
*) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
|
||||
obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.
|
||||
|
||||
(RSA objects have a reference count access to which is protected
|
||||
by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
|
||||
so they are meant to be shared between threads.)
|
||||
[Bodo Moeller, Geoff Thorpe; original patch submitted by
|
||||
"Reddie, Steven" <Steven.Reddie@ca.com>]
|
||||
|
||||
*) Fix a deadlock in CRYPTO_mem_leaks().
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Use better test patterns in bntest.
|
||||
[Ulf M<>ller]
|
||||
|
||||
*) rand_win.c fix for Borland C.
|
||||
[Ulf M<>ller]
|
||||
|
||||
*) BN_rshift bugfix for n == 0.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add a 'bctest' script that checks for some known 'bc' bugs
|
||||
so that 'make test' does not abort just because 'bc' is broken.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Store verify_result within SSL_SESSION also for client side to
|
||||
avoid potential security hole. (Re-used sessions on the client side
|
||||
always resulted in verify_result==X509_V_OK, not using the original
|
||||
result of the server certificate verification.)
|
||||
[Lutz Jaenicke]
|
||||
|
||||
*) Fix ssl3_pending: If the record in s->s3->rrec is not of type
|
||||
SSL3_RT_APPLICATION_DATA, return 0.
|
||||
Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Fix SSL_peek:
|
||||
Both ssl2_peek and ssl3_peek, which were totally broken in earlier
|
||||
releases, have been re-implemented by renaming the previous
|
||||
implementations of ssl2_read and ssl3_read to ssl2_read_internal
|
||||
and ssl3_read_internal, respectively, and adding 'peek' parameters
|
||||
to them. The new ssl[23]_{read,peek} functions are calls to
|
||||
ssl[23]_read_internal with the 'peek' flag set appropriately.
|
||||
A 'peek' parameter has also been added to ssl3_read_bytes, which
|
||||
does the actual work for ssl3_read_internal.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
|
||||
the method-specific "init()" handler. Also clean up ex_data after
|
||||
calling the method-specific "finish()" handler. Previously, this was
|
||||
happening the other way round.
|
||||
[Geoff Thorpe]
|
||||
|
||||
*) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
|
||||
The previous value, 12, was not always sufficient for BN_mod_exp().
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Make sure that shared libraries get the internal name engine with
|
||||
the full version number and not just 0. This should mark the
|
||||
shared libraries as not backward compatible. Of course, this should
|
||||
be changed again when we can guarantee backward binary compatibility.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Fix typo in get_cert_by_subject() in by_dir.c
|
||||
[Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]
|
||||
|
||||
*) Rework the system to generate shared libraries:
|
||||
|
||||
- Make note of the expected extension for the shared libraries and
|
||||
if there is a need for symbolic links from for example libcrypto.so.0
|
||||
to libcrypto.so.0.9.7. There is extended info in Configure for
|
||||
that.
|
||||
|
||||
- Make as few rebuilds of the shared libraries as possible.
|
||||
|
||||
- Still avoid linking the OpenSSL programs with the shared libraries.
|
||||
|
||||
- When installing, install the shared libraries separately from the
|
||||
static ones.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
|
||||
|
||||
Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
|
||||
and not in SSL_clear because the latter is also used by the
|
||||
accept/connect functions; previously, the settings made by
|
||||
SSL_set_read_ahead would be lost during the handshake.
|
||||
[Bodo Moeller; problems reported by Anders Gertz <gertz@epact.se>]
|
||||
|
||||
*) Correct util/mkdef.pl to be selective about disabled algorithms.
|
||||
Previously, it would create entries for disableed algorithms no
|
||||
matter what.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Added several new manual pages for SSL_* function.
|
||||
[Lutz Jaenicke]
|
||||
|
||||
Changes between 0.9.5a and 0.9.6 [24 Sep 2000]
|
||||
|
||||
*) In ssl23_get_client_hello, generate an error message when faced
|
||||
with an initial SSL 3.0/TLS record that is too small to contain the
|
||||
first two bytes of the ClientHello message, i.e. client_version.
|
||||
(Note that this is a pathologic case that probably has never happened
|
||||
in real life.) The previous approach was to use the version number
|
||||
from the record header as a substitute; but our protocol choice
|
||||
should not depend on that one because it is not authenticated
|
||||
by the Finished messages.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) More robust randomness gathering functions for Windows.
|
||||
[Jeffrey Altman <jaltman@columbia.edu>]
|
||||
|
||||
*) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
|
||||
not set then we don't setup the error code for issuer check errors
|
||||
to avoid possibly overwriting other errors which the callback does
|
||||
handle. If an application does set the flag then we assume it knows
|
||||
what it is doing and can handle the new informational codes
|
||||
appropriately.
|
||||
[Steve Henson]
|
||||
|
||||
*) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
|
||||
a general "ANY" type, as such it should be able to decode anything
|
||||
including tagged types. However it didn't check the class so it would
|
||||
wrongly interpret tagged types in the same way as their universal
|
||||
counterpart and unknown types were just rejected. Changed so that the
|
||||
tagged and unknown types are handled in the same way as a SEQUENCE:
|
||||
that is the encoding is stored intact. There is also a new type
|
||||
"V_ASN1_OTHER" which is used when the class is not universal, in this
|
||||
case we have no idea what the actual type is so we just lump them all
|
||||
together.
|
||||
[Steve Henson]
|
||||
|
||||
*) On VMS, stdout may very well lead to a file that is written to
|
||||
in a record-oriented fashion. That means that every write() will
|
||||
write a separate record, which will be read separately by the
|
||||
programs trying to read from it. This can be very confusing.
|
||||
|
||||
The solution is to put a BIO filter in the way that will buffer
|
||||
text until a linefeed is reached, and then write everything a
|
||||
line at a time, so every record written will be an actual line,
|
||||
not chunks of lines and not (usually doesn't happen, but I've
|
||||
seen it once) several lines in one record. BIO_f_linebuffer() is
|
||||
the answer.
|
||||
|
||||
Currently, it's a VMS-only method, because that's where it has
|
||||
been tested well enough.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
|
||||
it can return incorrect results.
|
||||
(Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
|
||||
but it was in 0.9.6-beta[12].)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Disable the check for content being present when verifying detached
|
||||
signatures in pk7_smime.c. Some versions of Netscape (wrongly)
|
||||
include zero length content when signing messages.
|
||||
[Steve Henson]
|
||||
|
||||
*) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
|
||||
BIO_ctrl (for BIO pairs).
|
||||
[Bodo M<>ller]
|
||||
|
||||
*) Add DSO method for VMS.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Bug fix: Montgomery multiplication could produce results with the
|
||||
wrong sign.
|
||||
[Ulf M<>ller]
|
||||
|
||||
*) Add RPM specification openssl.spec and modify it to build three
|
||||
packages. The default package contains applications, application
|
||||
documentation and run-time libraries. The devel package contains
|
||||
include files, static libraries and function documentation. The
|
||||
doc package contains the contents of the doc directory. The original
|
||||
openssl.spec was provided by Damien Miller <djm@mindrot.org>.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Add a large number of documentation files for many SSL routines.
|
||||
[Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>]
|
||||
|
||||
*) Add a configuration entry for Sony News 4.
|
||||
[NAKAJI Hiroyuki <nakaji@tutrp.tut.ac.jp>]
|
||||
|
||||
*) Don't set the two most significant bits to one when generating a
|
||||
random number < q in the DSA library.
|
||||
[Ulf M<>ller]
|
||||
|
||||
*) New SSL API mode 'SSL_MODE_AUTO_RETRY'. This disables the default
|
||||
behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
|
||||
the underlying transport is blocking) if a handshake took place.
|
||||
(The default behaviour is needed by applications such as s_client
|
||||
and s_server that use select() to determine when to use SSL_read;
|
||||
but for applications that know in advance when to expect data, it
|
||||
just makes things more complicated.)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add RAND_egd_bytes(), which gives control over the number of bytes read
|
||||
from EGD.
|
||||
[Ben Laurie]
|
||||
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
|
||||
|
||||
*) Add a few more EBCDIC conditionals that make `req' and `x509'
|
||||
work better on such systems.
|
||||
@@ -1128,7 +198,7 @@
|
||||
[Steve Henson]
|
||||
|
||||
*) Changes needed for Tandem NSK.
|
||||
[Scott Uroff <scott@xypro.com>]
|
||||
[Scott Uroff scott@xypro.com]
|
||||
|
||||
*) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
|
||||
RSA_padding_check_SSLv23(), special padding was never detected
|
||||
@@ -1179,7 +249,7 @@
|
||||
default is static libraries only, and the OpenSSL programs
|
||||
are always statically linked for now, but there are
|
||||
preparations for dynamic linking in place.
|
||||
This has been tested on Linux and Tru64.
|
||||
This has been tested on Linux and True64.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Randomness polling function for Win9x, as described in:
|
||||
@@ -2906,7 +1976,7 @@
|
||||
copied!)
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
|
||||
*) Bugfix: SSL_set_mode ignored its parameter, only SSL_CTX_set_mode
|
||||
worked.
|
||||
|
||||
*) Fix problems with no-hmac etc.
|
||||
|
||||
453
Configure
453
Configure
@@ -10,7 +10,7 @@ use strict;
|
||||
|
||||
# see INSTALL for instructions.
|
||||
|
||||
my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [rsaref] [no-threads] [no-asm] [no-dso] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--test-sanity] os/compiler[:flags]\n";
|
||||
my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [rsaref] [no-threads] [no-asm] [no-dso] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n";
|
||||
|
||||
# Options:
|
||||
#
|
||||
@@ -23,24 +23,11 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
|
||||
# default). This needn't be set in advance, you can
|
||||
# just as well use "make INSTALL_PREFIX=/whatever install".
|
||||
#
|
||||
# no-hw-xxx do not compile support for specific crypto hardware.
|
||||
# Generic OpenSSL-style methods relating to this support
|
||||
# are always compiled but return NULL if the hardware
|
||||
# support isn't compiled.
|
||||
# no-hw do not compile support for any crypto hardware.
|
||||
#
|
||||
# --test-sanity Make a number of sanity checks on the data in this file.
|
||||
# This is a debugging tool for OpenSSL developers.
|
||||
#
|
||||
# rsaref use RSAref
|
||||
# [no-]threads [don't] try to create a library that is suitable for
|
||||
# multithreaded applications (default is "threads" if we
|
||||
# know how to do it)
|
||||
# [no-]shared [don't] try to create shared libraries when supported.
|
||||
# IT IS NOT RECOMMENDED TO USE "shared"! Since this is a
|
||||
# development branch, the positions of the ENGINE symbols
|
||||
# in the transfer vector are constantly moving, so binary
|
||||
# backward compatibility can't be guaranteed in any way.
|
||||
# no-asm do not use assembler
|
||||
# no-dso do not compile in any native shared-library methods. This
|
||||
# will ensure that all methods just return NULL.
|
||||
@@ -102,15 +89,10 @@ my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm
|
||||
my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
|
||||
my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
|
||||
|
||||
my $mips3_irix_asm="asm/mips3.o::::::::";
|
||||
# There seems to be boundary faults in asm/alpha.s.
|
||||
#my $alpha_asm="asm/alpha.o::::::::";
|
||||
my $alpha_asm="::::::::";
|
||||
|
||||
# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
|
||||
# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
|
||||
|
||||
#config-string $cc : $cflags : $unistd : $thread_cflag : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib
|
||||
#config-string $cc : $cflags : $unistd : $thread_cflag : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag
|
||||
|
||||
my %table=(
|
||||
# File 'TABLE' (created by 'make TABLE') contains the data from this list,
|
||||
@@ -129,10 +111,10 @@ my %table=(
|
||||
"debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
|
||||
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
|
||||
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DBIO_PAIR_DEBUG -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DBIO_PAIR_DEBUG -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:::::::::::dlfcn",
|
||||
"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:::::::::::dlfcn",
|
||||
"dist", "cc:-O::(unknown):::::",
|
||||
|
||||
# Basic configs that should work on any (32 and less bit) box
|
||||
@@ -145,45 +127,41 @@ my %table=(
|
||||
# surrounds it with #APP #NO_APP comment pair which (at least Solaris
|
||||
# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
|
||||
# error message.
|
||||
"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
||||
#### Solaris x86 with Sun C setups
|
||||
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC",
|
||||
|
||||
#### SPARC Solaris with GNU C setups
|
||||
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC",
|
||||
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC",
|
||||
"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC",
|
||||
# gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
|
||||
# but keep the assembler modules.
|
||||
"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC",
|
||||
####
|
||||
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC",
|
||||
"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC",
|
||||
|
||||
#### SPARC Solaris with Sun C setups
|
||||
# DO NOT use /xO[34] on sparc with SC3.0. It is broken, and will not pass the tests
|
||||
"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC",
|
||||
# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
|
||||
# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
|
||||
# SC5.0 note: Compiler common patch 107357-01 or later is required!
|
||||
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
|
||||
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC",
|
||||
"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC",
|
||||
"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC",
|
||||
"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC",
|
||||
####
|
||||
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC",
|
||||
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC",
|
||||
|
||||
#### SPARC Linux setups
|
||||
"linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
|
||||
# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
|
||||
# assisted with debugging of following two configs.
|
||||
"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o::::",
|
||||
# it's a real mess with -mcpu=ultrasparc option under Linux, but
|
||||
# -Wa,-Av8plus should do the trick no matter what.
|
||||
"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o:",
|
||||
# !!!Folowing can't be even tested yet!!!
|
||||
# We have to wait till 64-bit glibc for SPARC is operational!!!
|
||||
#"linux64-sparcv9","sparc64-linux-gcc:-m64 -mcpu=v9 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:",
|
||||
@@ -194,17 +172,17 @@ my %table=(
|
||||
|
||||
#### IRIX 5.x configs
|
||||
# -mips2 flag is added by ./config when appropriate.
|
||||
"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::",
|
||||
"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:::",
|
||||
#### IRIX 6.x configs
|
||||
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
|
||||
# './Configure irix-[g]cc' manually.
|
||||
# -mips4 flag is added by ./config when appropriate.
|
||||
"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
|
||||
"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
|
||||
# N64 ABI builds.
|
||||
"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::",
|
||||
"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::",
|
||||
|
||||
#### Unified HP-UX ANSI C configs.
|
||||
# Special notes:
|
||||
@@ -234,47 +212,34 @@ my %table=(
|
||||
# crypto/sha/sha_lcl.h.
|
||||
# <appro@fy.chalmers.se>
|
||||
#
|
||||
#!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
# Since there is mention of this in shlib/hpux10-cc.sh
|
||||
"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
||||
# More attempts at unified 10.X and 11.X targets for HP C compiler.
|
||||
#
|
||||
# Chris Ruemmler <ruemmler@cup.hp.com>
|
||||
# Kevin Steves <ks@hp.se>
|
||||
"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl",
|
||||
|
||||
# HPUX 9.X config.
|
||||
# Don't use the bundled cc. It is broken. Use HP ANSI C if possible, or
|
||||
# egcs. gcc 2.8.1 is also broken.
|
||||
|
||||
"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
# If hpux-cc fails (e.g. during "make test"), try the next one; otherwise,
|
||||
# please report your OS and compiler version to the openssl-bugs@openssl.org
|
||||
# mailing list.
|
||||
"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
|
||||
"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
# If hpux-gcc fails, try this one:
|
||||
"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
||||
# HPUX 9.X on Motorola 68k platforms with gcc
|
||||
"hpux-m68k-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::BN_LLONG DES_PTR DES_UNROLL:::",
|
||||
"hpux-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
|
||||
# HPUX 10.X config. Supports threads.
|
||||
"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux10-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
# If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG):
|
||||
"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux10-brokencc", "cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
|
||||
"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux10-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
# If hpux10-gcc fails, try this one:
|
||||
"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"hpux10-brokengcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
|
||||
|
||||
# HPUX 11.X from www.globus.org.
|
||||
# Only works on PA-RISC 2.0 cpus, and not optimized. Why?
|
||||
@@ -282,46 +247,13 @@ my %table=(
|
||||
#"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::",
|
||||
# Use unified settings above instead.
|
||||
|
||||
#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
|
||||
"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -DMPE -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
|
||||
|
||||
#### PARISC Linux setups
|
||||
"linux-parisc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
|
||||
|
||||
# Dec Alpha, OSF/1 - the alpha164-cc is historical, for the conversion
|
||||
# from the older DEC C Compiler to the newer compiler. It's now the
|
||||
# same as the preferred entry, alpha-cc. If you are still using the
|
||||
# older compiler (you're at 3.x or earlier, or perhaps very early 4.x)
|
||||
# you should use `alphaold-cc'.
|
||||
#
|
||||
# "What's in a name? That which we call a rose
|
||||
# By any other word would smell as sweet."
|
||||
#
|
||||
# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
|
||||
#
|
||||
# For OSF/1 3.2b and earlier, and Digital UNIX 3.2c - 3.2g, with the
|
||||
# vendor compiler, use alphaold-cc.
|
||||
# For Digital UNIX 4.0 - 4.0e, with the vendor compiler, use alpha-cc.
|
||||
# For Tru64 UNIX 4.f - current, with the vendor compiler, use alpha-cc.
|
||||
#
|
||||
# There's also an alternate target available (which `config' will never
|
||||
# select) called alpha-cc-rpath. This target builds an RPATH into the
|
||||
# shared libraries, which is very convenient on Tru64 since binaries
|
||||
# linked against that shared library will automatically inherit that RPATH,
|
||||
# and hence know where to look for the openssl libraries, even if they're in
|
||||
# an odd place.
|
||||
#
|
||||
# Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with
|
||||
# the new compiler
|
||||
# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
|
||||
#
|
||||
"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
|
||||
"alphaold-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
|
||||
"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so",
|
||||
"alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared:::.so",
|
||||
"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared-rpath:::.so",
|
||||
#
|
||||
# This probably belongs in a different section.
|
||||
#
|
||||
"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:true64-shared",
|
||||
"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared",
|
||||
"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared",
|
||||
"FreeBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2:::",
|
||||
|
||||
#### Alpha Linux with GNU C and Compaq C setups
|
||||
# Special notes:
|
||||
@@ -336,34 +268,31 @@ my %table=(
|
||||
#
|
||||
# <appro@fy.chalmers.se>
|
||||
#
|
||||
"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
|
||||
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
|
||||
"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::",
|
||||
"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::",
|
||||
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::",
|
||||
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::",
|
||||
|
||||
# assembler versions -- currently defunct:
|
||||
##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
|
||||
##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
|
||||
|
||||
# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
|
||||
# bn86-elf.o file file since it is hand tweaked assembler.
|
||||
"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
|
||||
"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
|
||||
"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
|
||||
"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
|
||||
"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
|
||||
"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
|
||||
"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
|
||||
"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-mips", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
|
||||
"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
|
||||
"linux-m68k", "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
|
||||
"linux-s390", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR),\$(SHLIB_MINOR)",
|
||||
"linux-s390x", "gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::",
|
||||
"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
|
||||
"NetBSD-m68", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
|
||||
"NetBSD-x86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
|
||||
"FreeBSD-elf", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"FreeBSD", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
|
||||
"bsdi-gcc", "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
|
||||
"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
"nextstep", "cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
|
||||
"nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
|
||||
# NCR MP-RAS UNIX ver 02.03.01
|
||||
@@ -372,43 +301,22 @@ my %table=(
|
||||
# QNX 4
|
||||
"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown)::${x86_gcc_des} ${x86_gcc_opts}:",
|
||||
|
||||
# QNX 6
|
||||
"qnx6", "cc:-DL_ENDIAN -DTERMIOS::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:",
|
||||
|
||||
# Linux on ARM
|
||||
"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC",
|
||||
|
||||
# UnixWare 2.0x fails destest with -O
|
||||
"unixware-2.0","cc:-DFILIO_H::-Kthread:-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
|
||||
"unixware-2.0-pentium","cc:-DFILIO_H -Kpentium::-Kthread:-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
|
||||
# UnixWare 2.1
|
||||
"unixware-2.1","cc:-O -DFILIO_H::-Kthread:-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
|
||||
"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread:-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread:-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
# UnixWare 2.0
|
||||
"unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
|
||||
"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread::(unknown):-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
|
||||
# UnixWare 7
|
||||
"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"unixware-7-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"unixware-7-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
||||
# OpenUNIX 8
|
||||
"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"OpenUNIX-8-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"OpenUNIX-8-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
"OpenUNIX-8-shared","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr5-shared:-Kpic",
|
||||
"OpenUNIX-8-gcc-shared","gcc:-O3 -DFILIO_H -fomit-frame-pointer::-pthread:-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC",
|
||||
"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
|
||||
|
||||
# IBM's AIX.
|
||||
"aix-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown)::BN_LLONG RC4_CHAR:::",
|
||||
"aix-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR:::",
|
||||
"aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
|
||||
"aix43-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
|
||||
|
||||
#
|
||||
# Cray T90 and similar (SDSC)
|
||||
# Cray T90 (SDSC)
|
||||
# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
|
||||
# defined. The T90 ints and longs are 8 bytes long, and apparently the
|
||||
# B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and
|
||||
@@ -418,10 +326,7 @@ my %table=(
|
||||
#'Taking the address of a bit field is not allowed. '
|
||||
#'An expression with bit field exists as the operand of "sizeof" '
|
||||
# (written by Wayne Schroeder <schroede@SDSC.EDU>)
|
||||
#
|
||||
# j90 is considered the base machine type for unicos machines,
|
||||
# so this configuration is now called "cray-j90" ...
|
||||
"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT:::",
|
||||
"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT:::",
|
||||
|
||||
#
|
||||
# Cray T3E (Research Center Juelich, beckman@acl.lanl.gov)
|
||||
@@ -435,19 +340,13 @@ my %table=(
|
||||
|
||||
# DGUX, 88100.
|
||||
"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::RC4_INDEX DES_UNROLL:::",
|
||||
"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
|
||||
"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
|
||||
"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown):-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
|
||||
|
||||
# SCO 3 - Tim Rice <tim@multitalents.net>
|
||||
"sco3-gcc", "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown):-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
|
||||
|
||||
# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
|
||||
# SCO cc.
|
||||
"sco5-cc", "cc:-belf::(unknown):-lsocket -lresolv:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
|
||||
"sco5-cc-pentium", "cc:-Kpentium::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
|
||||
"sco5-cc", "cc:::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
|
||||
"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
|
||||
"sco5-cc-shared","cc:-belf:::-lsocket -lresolv -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::::::::::dlfcn:svr3-shared:-Kpic",
|
||||
"sco5-gcc-shared","gcc:-O3 -fomit-frame-pointer:::-lsocket -lresolv -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-fPIC", # the SCO assembler doesn't seem to like our assembler files ...
|
||||
|
||||
# Sinix/ReliantUNIX RM400
|
||||
# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */
|
||||
@@ -458,36 +357,26 @@ my %table=(
|
||||
# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
|
||||
"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown):-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
|
||||
|
||||
# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
|
||||
# You need to compile using the c89.sh wrapper in the tools directory, because the
|
||||
# IBM compiler does not like the -L switch after any object modules.
|
||||
#
|
||||
"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown)::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
|
||||
|
||||
# Windows NT, Microsoft Visual C++ 4.0
|
||||
|
||||
"VC-NT","cl:::::BN_LLONG RC4_INDEX ${x86_gcc_opts}::::::::::win32",
|
||||
"VC-WIN32","cl:::::BN_LLONG RC4_INDEX ${x86_gcc_opts}::::::::::win32",
|
||||
"VC-NT","cl:::::BN_LLONG RC4_INDEX ${x86_gcc_opts}:::",
|
||||
"VC-WIN32","cl:::::BN_LLONG RC4_INDEX ${x86_gcc_opts}:::",
|
||||
"VC-WIN16","cl:::(unknown)::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
|
||||
"VC-W31-16","cl:::(unknown)::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
|
||||
"VC-W31-32","cl:::::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
|
||||
"VC-MSDOS","cl:::(unknown)::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
|
||||
|
||||
# Borland C++ 4.5
|
||||
"BC-32","bcc32:::::BN_LLONG DES_PTR RC4_INDEX::::::::::win32",
|
||||
"BC-32","bcc32:::::BN_LLONG DES_PTR RC4_INDEX:::",
|
||||
"BC-16","bcc:::(unknown)::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
|
||||
|
||||
# Mingw32
|
||||
# (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl
|
||||
# and its library files in util/pl/*)
|
||||
"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
|
||||
"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
|
||||
|
||||
# UWIN
|
||||
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
|
||||
|
||||
# Cygwin
|
||||
"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
|
||||
"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32:cygwin-shared:::.dll",
|
||||
# CygWin32
|
||||
"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
|
||||
|
||||
# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
|
||||
"ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown)::::::",
|
||||
@@ -496,52 +385,21 @@ my %table=(
|
||||
##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown)::::::",
|
||||
|
||||
# Some OpenBSD from Bob Beck <beck@obtuse.com>
|
||||
"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"OpenBSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:::",
|
||||
"OpenBSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn",
|
||||
"OpenBSD", "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
|
||||
"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
|
||||
|
||||
##### MacOS X (a.k.a. Rhapsody or Darwin) setup
|
||||
##### MacOS X (a.k.a. Rhapsody) setup
|
||||
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
|
||||
"darwin-ppc-cc","cc:-O3 -D_DARWIN -DB_ENDIAN -fno-common::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
|
||||
|
||||
##### Sony NEWS-OS 4.x
|
||||
"newsos4-gcc","gcc:-O -DB_ENDIAN -DNEWS4::(unknown):-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
|
||||
|
||||
##### VxWorks for various targets
|
||||
"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DVXWORKS -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::-r:::::",
|
||||
|
||||
);
|
||||
|
||||
my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32
|
||||
BC-16 Mingw32);
|
||||
|
||||
my $idx = 0;
|
||||
my $idx_cc = $idx++;
|
||||
my $idx_cflags = $idx++;
|
||||
my $idx_unistd = $idx++;
|
||||
my $idx_thread_cflag = $idx++;
|
||||
my $idx_lflags = $idx++;
|
||||
my $idx_bn_ops = $idx++;
|
||||
my $idx_bn_obj = $idx++;
|
||||
my $idx_des_obj = $idx++;
|
||||
my $idx_bf_obj = $idx++;
|
||||
my $idx_md5_obj = $idx++;
|
||||
my $idx_sha1_obj = $idx++;
|
||||
my $idx_cast_obj = $idx++;
|
||||
my $idx_rc4_obj = $idx++;
|
||||
my $idx_rmd160_obj = $idx++;
|
||||
my $idx_rc5_obj = $idx++;
|
||||
my $idx_dso_scheme = $idx++;
|
||||
my $idx_shared_target = $idx++;
|
||||
my $idx_shared_cflag = $idx++;
|
||||
my $idx_shared_ldflag = $idx++;
|
||||
my $idx_shared_extension = $idx++;
|
||||
my $idx_ranlib = $idx++;
|
||||
|
||||
my $prefix="";
|
||||
my $openssldir="";
|
||||
my $exe_ext="";
|
||||
my $install_prefix="";
|
||||
my $no_threads=0;
|
||||
my $no_shared=1;
|
||||
@@ -569,10 +427,10 @@ my $md5_obj="";
|
||||
my $sha1_obj="";
|
||||
my $rmd160_obj="";
|
||||
my $processor="";
|
||||
my $default_ranlib;
|
||||
my $ranlib;
|
||||
my $perl;
|
||||
|
||||
$default_ranlib= &which("ranlib") or $default_ranlib="true";
|
||||
$ranlib=&which("ranlib") or $ranlib="true";
|
||||
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
|
||||
or $perl="perl";
|
||||
|
||||
@@ -611,28 +469,12 @@ PROCESS_ARGS:
|
||||
foreach (@argvcopy)
|
||||
{
|
||||
s /^-no-/no-/; # some people just can't read the instructions
|
||||
if (/^--test-sanity$/)
|
||||
{
|
||||
exit(&test_sanity());
|
||||
}
|
||||
elsif (/^no-asm$/)
|
||||
if (/^no-asm$/)
|
||||
{
|
||||
$no_asm=1;
|
||||
$flags .= "-DNO_ASM ";
|
||||
$openssl_other_defines .= "#define NO_ASM\n";
|
||||
}
|
||||
elsif (/^no-hw-(.+)$/)
|
||||
{
|
||||
my $hw=$1;
|
||||
$hw =~ tr/[a-z]/[A-Z]/;
|
||||
$flags .= "-DNO_HW_$hw ";
|
||||
$openssl_other_defines .= "#define NO_HW_$hw\n";
|
||||
}
|
||||
elsif (/^no-hw$/)
|
||||
{
|
||||
$flags .= "-DNO_HW ";
|
||||
$openssl_other_defines .= "#define NO_HW\n";
|
||||
}
|
||||
elsif (/^no-dso$/)
|
||||
{ $no_dso=1; }
|
||||
elsif (/^no-threads$/)
|
||||
@@ -756,17 +598,12 @@ if ($target eq "LIST") {
|
||||
exit 0;
|
||||
}
|
||||
|
||||
if ($target =~ m/^CygWin32(-.*)$/) {
|
||||
$target = "Cygwin".$1;
|
||||
}
|
||||
|
||||
print "Configuring for $target\n";
|
||||
|
||||
&usage if (!defined($table{$target}));
|
||||
|
||||
my $IsWindows=scalar grep /^$target$/,@WinTargets;
|
||||
|
||||
$exe_ext=".exe" if ($target eq "Cygwin");
|
||||
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
|
||||
$prefix=$openssldir if $prefix eq "";
|
||||
|
||||
@@ -779,29 +616,9 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//;
|
||||
|
||||
print "IsWindows=$IsWindows\n";
|
||||
|
||||
my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
|
||||
my $cc = $fields[$idx_cc];
|
||||
my $cflags = $fields[$idx_cflags];
|
||||
my $unistd = $fields[$idx_unistd];
|
||||
my $thread_cflag = $fields[$idx_thread_cflag];
|
||||
my $lflags = $fields[$idx_lflags];
|
||||
my $bn_ops = $fields[$idx_bn_ops];
|
||||
my $bn_obj = $fields[$idx_bn_obj];
|
||||
my $des_obj = $fields[$idx_des_obj];
|
||||
my $bf_obj = $fields[$idx_bf_obj];
|
||||
my $md5_obj = $fields[$idx_md5_obj];
|
||||
my $sha1_obj = $fields[$idx_sha1_obj];
|
||||
my $cast_obj = $fields[$idx_cast_obj];
|
||||
my $rc4_obj = $fields[$idx_rc4_obj];
|
||||
my $rmd160_obj = $fields[$idx_rmd160_obj];
|
||||
my $rc5_obj = $fields[$idx_rc5_obj];
|
||||
my $dso_scheme = $fields[$idx_dso_scheme];
|
||||
my $shared_target = $fields[$idx_shared_target];
|
||||
my $shared_cflag = $fields[$idx_shared_cflag];
|
||||
my $shared_ldflag = $fields[$idx_shared_ldflag];
|
||||
my $shared_extension = $fields[$idx_shared_extension];
|
||||
my $ranlib = $fields[$idx_ranlib];
|
||||
|
||||
(my $cc,my $cflags,my $unistd,my $thread_cflag,my $lflags,my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
|
||||
$md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag)=
|
||||
split(/\s*:\s*/,$table{$target} . ":" x 22 , -1);
|
||||
$cflags="$flags$cflags" if ($flags ne "");
|
||||
|
||||
# The DSO code currently always implements all functions so that no
|
||||
@@ -876,27 +693,17 @@ if ($threads)
|
||||
}
|
||||
|
||||
# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
|
||||
my $shared_mark = "";
|
||||
if ($shared_target ne "")
|
||||
my $shared_mark1 = "";
|
||||
my $shared_mark2 = "";
|
||||
if ($shared_cflag ne "")
|
||||
{
|
||||
if ($shared_cflag ne "")
|
||||
{
|
||||
$cflags = "$shared_cflag $cflags";
|
||||
}
|
||||
$cflags = "$shared_cflag $cflags";
|
||||
if (!$no_shared)
|
||||
{
|
||||
#$shared_mark = "\$(SHARED_LIBS)";
|
||||
$shared_mark1 = ".shlib-clean.";
|
||||
$shared_mark2 = ".shlib.";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$no_shared = 1;
|
||||
}
|
||||
|
||||
if ($ranlib eq "")
|
||||
{
|
||||
$ranlib = $default_ranlib;
|
||||
}
|
||||
|
||||
#my ($bn1)=split(/\s+/,$bn_obj);
|
||||
#$bn1 = "" unless defined $bn1;
|
||||
@@ -926,10 +733,6 @@ if ($rmd160_obj =~ /\.o$/)
|
||||
$cflags.=" -DRMD160_ASM";
|
||||
}
|
||||
|
||||
# "Stringify" the C flags string. This permits it to be made part of a string
|
||||
# and works as well on command lines.
|
||||
$cflags =~ s/([\\\"])/\\\1/g;
|
||||
|
||||
my $version = "unknown";
|
||||
my $major = "unknown";
|
||||
my $minor = "unknown";
|
||||
@@ -982,7 +785,6 @@ while (<IN>)
|
||||
s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
|
||||
s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
|
||||
s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
|
||||
s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
|
||||
s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
|
||||
s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
|
||||
s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
|
||||
@@ -993,7 +795,6 @@ while (<IN>)
|
||||
s/^CFLAG=.*$/CFLAG= $cflags/;
|
||||
s/^DEPFLAG=.*$/DEPFLAG= $depflags/;
|
||||
s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
|
||||
s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
|
||||
s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
|
||||
s/^DES_ENC=.*$/DES_ENC= $des_obj/;
|
||||
s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
|
||||
@@ -1007,27 +808,9 @@ while (<IN>)
|
||||
s/^RANLIB=.*/RANLIB= $ranlib/;
|
||||
s/^PERL=.*/PERL= $perl/;
|
||||
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
|
||||
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
|
||||
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
|
||||
if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
|
||||
{
|
||||
my $sotmp = $1;
|
||||
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
|
||||
}
|
||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
|
||||
{
|
||||
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
|
||||
}
|
||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
|
||||
{
|
||||
my $sotmp = $1;
|
||||
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
|
||||
}
|
||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
|
||||
{
|
||||
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
|
||||
}
|
||||
s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
|
||||
s/^SHLIB_MARK1=.*/SHLIB_MARK1=$shared_mark1/;
|
||||
s/^SHLIB_MARK2=.*/SHLIB_MARK2=$shared_mark2/;
|
||||
s/^LIBS=.*/LIBS=libcrypto\.so\* libssl\.so\*/ if (!$no_shared);
|
||||
print OUT $_."\n";
|
||||
}
|
||||
close(IN);
|
||||
@@ -1314,9 +1097,8 @@ sub print_table_entry
|
||||
(my $cc,my $cflags,my $unistd,my $thread_cflag,my $lflags,my $bn_ops,
|
||||
my $bn_obj,my $des_obj,my $bf_obj,
|
||||
my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
|
||||
my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
|
||||
my $shared_ldflag,my $shared_extension,my $ranlib)=
|
||||
split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
|
||||
my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag)=
|
||||
split(/\s*:\s*/,$table{$target} . ":" x 22 , -1);
|
||||
|
||||
print <<EOF
|
||||
|
||||
@@ -1339,44 +1121,5 @@ sub print_table_entry
|
||||
\$dso_scheme = $dso_scheme
|
||||
\$shared_target= $shared_target
|
||||
\$shared_cflag = $shared_cflag
|
||||
\$shared_ldflag = $shared_ldflag
|
||||
\$shared_extension = $shared_extension
|
||||
\$ranlib = $ranlib
|
||||
EOF
|
||||
}
|
||||
|
||||
sub test_sanity
|
||||
{
|
||||
my $errorcnt = 0;
|
||||
|
||||
print STDERR "=" x 70, "\n";
|
||||
print STDERR "=== SANITY TESTING!\n";
|
||||
print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
|
||||
print STDERR "=" x 70, "\n";
|
||||
|
||||
foreach $target (sort keys %table)
|
||||
{
|
||||
@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
|
||||
|
||||
if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/)
|
||||
{
|
||||
$errorcnt++;
|
||||
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
|
||||
print STDERR " in the previous field\n";
|
||||
}
|
||||
elsif ($fields[$idx_dso_scheme+1] =~ /^(dl|dlfcn|win32|vms)$/)
|
||||
{
|
||||
$errorcnt++;
|
||||
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
|
||||
print STDERR " in the following field\n";
|
||||
}
|
||||
elsif ($fields[$idx_dso_scheme] !~ /^(dl|dlfcn|win32|vms|)$/)
|
||||
{
|
||||
$errorcnt++;
|
||||
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
|
||||
print STDERR " valid values are 'dl', 'dlfcn', 'win32' and 'vms'\n";
|
||||
}
|
||||
}
|
||||
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
|
||||
return $errorcnt;
|
||||
}
|
||||
|
||||
653
FAQ
653
FAQ
@@ -1,24 +1,20 @@
|
||||
OpenSSL - Frequently Asked Questions
|
||||
--------------------------------------
|
||||
|
||||
[MISC] Miscellaneous questions
|
||||
|
||||
* Which is the current version of OpenSSL?
|
||||
* Where is the documentation?
|
||||
* How can I contact the OpenSSL developers?
|
||||
* Where can I get a compiled version of OpenSSL?
|
||||
* Why aren't tools like 'autoconf' and 'libtool' used?
|
||||
* What is an 'engine' version?
|
||||
|
||||
[LEGAL] Legal questions
|
||||
|
||||
* Do I need patent licenses to use OpenSSL?
|
||||
* Can I use OpenSSL with GPL software?
|
||||
|
||||
[USER] Questions on using the OpenSSL applications
|
||||
|
||||
* Is OpenSSL thread-safe?
|
||||
* Why do I get a "PRNG not seeded" error message?
|
||||
* Why do I get an "unable to write 'random state'" error message?
|
||||
* Why does the linker complain about undefined symbols?
|
||||
* Where can I get a compiled version of OpenSSL?
|
||||
* I've compiled a program under Windows and it crashes: why?
|
||||
* How do I read or write a DER encoded buffer using the ASN1 functions?
|
||||
* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
|
||||
* I've called <some function> and it fails, why?
|
||||
* I just get a load of numbers for the error output, what do they mean?
|
||||
* Why do I get errors about unknown algorithms?
|
||||
* How do I create certificates or certificate requests?
|
||||
* Why can't I create certificate requests?
|
||||
* Why does <SSL program> fail with a certificate verify error?
|
||||
@@ -26,42 +22,17 @@ OpenSSL - Frequently Asked Questions
|
||||
* How can I create DSA certificates?
|
||||
* Why can't I make an SSL connection using a DSA certificate?
|
||||
* How can I remove the passphrase on a private key?
|
||||
* Why can't I use OpenSSL certificates with SSL client authentication?
|
||||
* Why does my browser give a warning about a mismatched hostname?
|
||||
* How do I install a CA certificate into a browser?
|
||||
|
||||
[BUILD] Questions about building and testing OpenSSL
|
||||
|
||||
* Why does the linker complain about undefined symbols?
|
||||
* Why can't the OpenSSH configure script detect OpenSSL?
|
||||
* Why does the OpenSSL test fail with "bc: command not found"?
|
||||
* Why does the OpenSSL test fail with "bc: 1 no implemented"?
|
||||
* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
|
||||
* Why does the OpenSSL compilation fail on Alpha True64 Unix?
|
||||
* Why does the OpenSSL compilation fail with "ar: command not found"?
|
||||
* Why does the OpenSSL compilation fail on Win32 with VC++?
|
||||
* What is special about OpenSSL on Redhat?
|
||||
* Why does the OpenSSL test suite fail on MacOS X?
|
||||
|
||||
[PROG] Questions about programming with OpenSSL
|
||||
|
||||
* Is OpenSSL thread-safe?
|
||||
* I've compiled a program under Windows and it crashes: why?
|
||||
* How do I read or write a DER encoded buffer using the ASN1 functions?
|
||||
* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
|
||||
* I've called <some function> and it fails, why?
|
||||
* I just get a load of numbers for the error output, what do they mean?
|
||||
* Why do I get errors about unknown algorithms?
|
||||
* Why can't the OpenSSH configure script detect OpenSSL?
|
||||
* Can I use OpenSSL's SSL library with non-blocking I/O?
|
||||
* Why doesn't my server application receive a client certificate?
|
||||
|
||||
===============================================================================
|
||||
|
||||
[MISC] ========================================================================
|
||||
|
||||
* Which is the current version of OpenSSL?
|
||||
|
||||
The current version is available from <URL: http://www.openssl.org>.
|
||||
OpenSSL 0.9.6g was released on 9 August 2002.
|
||||
OpenSSL 0.9.5a was released on April 1st, 2000.
|
||||
|
||||
In addition to the current stable release, you can also access daily
|
||||
snapshots of the OpenSSL development version at <URL:
|
||||
@@ -107,33 +78,6 @@ OpenSSL. Information on the OpenSSL mailing lists is available from
|
||||
<URL: http://www.openssl.org>.
|
||||
|
||||
|
||||
* Where can I get a compiled version of OpenSSL?
|
||||
|
||||
Some applications that use OpenSSL are distributed in binary form.
|
||||
When using such an application, you don't need to install OpenSSL
|
||||
yourself; the application will include the required parts (e.g. DLLs).
|
||||
|
||||
If you want to install OpenSSL on a Windows system and you don't have
|
||||
a C compiler, read the "Mingw32" section of INSTALL.W32 for information
|
||||
on how to obtain and install the free GNU C compiler.
|
||||
|
||||
A number of Linux and *BSD distributions include OpenSSL.
|
||||
|
||||
|
||||
* Why aren't tools like 'autoconf' and 'libtool' used?
|
||||
|
||||
autoconf will probably be used in future OpenSSL versions. If it was
|
||||
less Unix-centric, it might have been used much earlier.
|
||||
|
||||
* What is an 'engine' version?
|
||||
|
||||
With version 0.9.6 OpenSSL was extended to interface to external crypto
|
||||
hardware. This was realized in a special release '0.9.6-engine'. With
|
||||
version 0.9.7 (not yet released) the changes were merged into the main
|
||||
development line, so that the special release is no longer necessary.
|
||||
|
||||
[LEGAL] =======================================================================
|
||||
|
||||
* Do I need patent licenses to use OpenSSL?
|
||||
|
||||
The patents section of the README file lists patents that may apply to
|
||||
@@ -145,25 +89,17 @@ You can configure OpenSSL so as not to use RC5 and IDEA by using
|
||||
./config no-rc5 no-idea
|
||||
|
||||
|
||||
* Can I use OpenSSL with GPL software?
|
||||
* Is OpenSSL thread-safe?
|
||||
|
||||
On many systems including the major Linux and BSD distributions, yes (the
|
||||
GPL does not place restrictions on using libraries that are part of the
|
||||
normal operating system distribution).
|
||||
Yes (with limitations: an SSL connection may not concurrently be used
|
||||
by multiple threads). On Windows and many Unix systems, OpenSSL
|
||||
automatically uses the multi-threaded versions of the standard
|
||||
libraries. If your platform is not one of these, consult the INSTALL
|
||||
file.
|
||||
|
||||
On other systems, the situation is less clear. Some GPL software copyright
|
||||
holders claim that you infringe on their rights if you use OpenSSL with
|
||||
their software on operating systems that don't normally include OpenSSL.
|
||||
Multi-threaded applications must provide two callback functions to
|
||||
OpenSSL. This is described in the threads(3) manpage.
|
||||
|
||||
If you develop open source software that uses OpenSSL, you may find it
|
||||
useful to choose an other license than the GPL, or state explicitly that
|
||||
"This program is released under the GPL with the additional exemption that
|
||||
compiling, linking, and/or using OpenSSL is allowed." If you are using
|
||||
GPL software developed by others, you may want to ask the copyright holder
|
||||
for permission to use their software with OpenSSL.
|
||||
|
||||
|
||||
[USER] ========================================================================
|
||||
|
||||
* Why do I get a "PRNG not seeded" error message?
|
||||
|
||||
@@ -172,7 +108,6 @@ correctly. Many open source operating systems provide a "randomness
|
||||
device" that serves this purpose. On other systems, applications have
|
||||
to call the RAND_add() or RAND_seed() function with appropriate data
|
||||
before generating keys or performing public key encryption.
|
||||
(These functions initialize the pseudo-random number generator, PRNG.)
|
||||
|
||||
Some broken applications do not do this. As of version 0.9.5, the
|
||||
OpenSSL functions that need randomness report an error if the random
|
||||
@@ -182,175 +117,27 @@ application you are using. It is likely that it never worked
|
||||
correctly. OpenSSL 0.9.5 and later make the error visible by refusing
|
||||
to perform potentially insecure encryption.
|
||||
|
||||
On systems without /dev/urandom and /dev/random, it is a good idea to
|
||||
use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for
|
||||
details. Starting with version 0.9.7, OpenSSL will automatically look
|
||||
for an EGD socket at /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and
|
||||
/etc/entropy.
|
||||
On systems without /dev/urandom, it is a good idea to use the Entropy
|
||||
Gathering Demon; see the RAND_egd() manpage for details.
|
||||
|
||||
Most components of the openssl command line utility automatically try
|
||||
to seed the random number generator from a file. The name of the
|
||||
default seeding file is determined as follows: If environment variable
|
||||
RANDFILE is set, then it names the seeding file. Otherwise if
|
||||
environment variable HOME is set, then the seeding file is $HOME/.rnd.
|
||||
If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will
|
||||
use file .rnd in the current directory while OpenSSL 0.9.6a uses no
|
||||
default seeding file at all. OpenSSL 0.9.6b and later will behave
|
||||
similarly to 0.9.6a, but will use a default of "C:\" for HOME on
|
||||
Windows systems if the environment variable has not been set.
|
||||
Most components of the openssl command line tool try to use the
|
||||
file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
|
||||
for seeding the PRNG. If this file does not exist or is too short,
|
||||
the "PRNG not seeded" error message may occur.
|
||||
|
||||
If the default seeding file does not exist or is too short, the "PRNG
|
||||
not seeded" error message may occur.
|
||||
|
||||
The openssl command line utility will write back a new state to the
|
||||
default seeding file (and create this file if necessary) unless
|
||||
there was no sufficient seeding.
|
||||
|
||||
Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work.
|
||||
Use the "-rand" option of the OpenSSL command line tools instead.
|
||||
The $RANDFILE environment variable and $HOME/.rnd are only used by the
|
||||
OpenSSL command line tools. Applications using the OpenSSL library
|
||||
provide their own configuration options to specify the entropy source,
|
||||
please check out the documentation coming the with application.
|
||||
[Note to OpenSSL 0.9.5 users: The command "openssl rsa" in version
|
||||
0.9.5 does not do this and will fail on systems without /dev/urandom
|
||||
when trying to password-encrypt an RSA key! This is a bug in the
|
||||
library; try a later version instead.]
|
||||
|
||||
For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested
|
||||
installing the SUNski package from Sun patch 105710-01 (Sparc) which
|
||||
adds a /dev/random device and make sure it gets used, usually through
|
||||
$RANDFILE. There are probably similar patches for the other Solaris
|
||||
versions. An official statement from Sun with respect to /dev/random
|
||||
support can be found at
|
||||
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
|
||||
However, be warned that /dev/random is usually a blocking device, which
|
||||
may have some effects on OpenSSL.
|
||||
versions. However, be warned that /dev/random is usually a blocking
|
||||
device, which may have som effects on OpenSSL.
|
||||
|
||||
|
||||
* Why do I get an "unable to write 'random state'" error message?
|
||||
|
||||
|
||||
Sometimes the openssl command line utility does not abort with
|
||||
a "PRNG not seeded" error message, but complains that it is
|
||||
"unable to write 'random state'". This message refers to the
|
||||
default seeding file (see previous answer). A possible reason
|
||||
is that no default filename is known because neither RANDFILE
|
||||
nor HOME is set. (Versions up to 0.9.6 used file ".rnd" in the
|
||||
current directory in this case, but this has changed with 0.9.6a.)
|
||||
|
||||
|
||||
* How do I create certificates or certificate requests?
|
||||
|
||||
Check out the CA.pl(1) manual page. This provides a simple wrapper round
|
||||
the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
|
||||
out the manual pages for the individual utilities and the certificate
|
||||
extensions documentation (currently in doc/openssl.txt).
|
||||
|
||||
|
||||
* Why can't I create certificate requests?
|
||||
|
||||
You typically get the error:
|
||||
|
||||
unable to find 'distinguished_name' in config
|
||||
problems making Certificate Request
|
||||
|
||||
This is because it can't find the configuration file. Check out the
|
||||
DIAGNOSTICS section of req(1) for more information.
|
||||
|
||||
|
||||
* Why does <SSL program> fail with a certificate verify error?
|
||||
|
||||
This problem is usually indicated by log messages saying something like
|
||||
"unable to get local issuer certificate" or "self signed certificate".
|
||||
When a certificate is verified its root CA must be "trusted" by OpenSSL
|
||||
this typically means that the CA certificate must be placed in a directory
|
||||
or file and the relevant program configured to read it. The OpenSSL program
|
||||
'verify' behaves in a similar way and issues similar error messages: check
|
||||
the verify(1) program manual page for more information.
|
||||
|
||||
|
||||
* Why can I only use weak ciphers when I connect to a server using OpenSSL?
|
||||
|
||||
This is almost certainly because you are using an old "export grade" browser
|
||||
which only supports weak encryption. Upgrade your browser to support 128 bit
|
||||
ciphers.
|
||||
|
||||
|
||||
* How can I create DSA certificates?
|
||||
|
||||
Check the CA.pl(1) manual page for a DSA certificate example.
|
||||
|
||||
|
||||
* Why can't I make an SSL connection to a server using a DSA certificate?
|
||||
|
||||
Typically you'll see a message saying there are no shared ciphers when
|
||||
the same setup works fine with an RSA certificate. There are two possible
|
||||
causes. The client may not support connections to DSA servers most web
|
||||
browsers (including Netscape and MSIE) only support connections to servers
|
||||
supporting RSA cipher suites. The other cause is that a set of DH parameters
|
||||
has not been supplied to the server. DH parameters can be created with the
|
||||
dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
|
||||
check the source to s_server in apps/s_server.c for an example.
|
||||
|
||||
|
||||
* How can I remove the passphrase on a private key?
|
||||
|
||||
Firstly you should be really *really* sure you want to do this. Leaving
|
||||
a private key unencrypted is a major security risk. If you decide that
|
||||
you do have to do this check the EXAMPLES sections of the rsa(1) and
|
||||
dsa(1) manual pages.
|
||||
|
||||
|
||||
* Why can't I use OpenSSL certificates with SSL client authentication?
|
||||
|
||||
What will typically happen is that when a server requests authentication
|
||||
it will either not include your certificate or tell you that you have
|
||||
no client certificates (Netscape) or present you with an empty list box
|
||||
(MSIE). The reason for this is that when a server requests a client
|
||||
certificate it includes a list of CAs names which it will accept. Browsers
|
||||
will only let you select certificates from the list on the grounds that
|
||||
there is little point presenting a certificate which the server will
|
||||
reject.
|
||||
|
||||
The solution is to add the relevant CA certificate to your servers "trusted
|
||||
CA list". How you do this depends on the server software in uses. You can
|
||||
print out the servers list of acceptable CAs using the OpenSSL s_client tool:
|
||||
|
||||
openssl s_client -connect www.some.host:443 -prexit
|
||||
|
||||
If your server only requests certificates on certain URLs then you may need
|
||||
to manually issue an HTTP GET command to get the list when s_client connects:
|
||||
|
||||
GET /some/page/needing/a/certificate.html
|
||||
|
||||
If your CA does not appear in the list then this confirms the problem.
|
||||
|
||||
|
||||
* Why does my browser give a warning about a mismatched hostname?
|
||||
|
||||
Browsers expect the server's hostname to match the value in the commonName
|
||||
(CN) field of the certificate. If it does not then you get a warning.
|
||||
|
||||
|
||||
* How do I install a CA certificate into a browser?
|
||||
|
||||
The usual way is to send the DER encoded certificate to the browser as
|
||||
MIME type application/x-x509-ca-cert, for example by clicking on an appropriate
|
||||
link. On MSIE certain extensions such as .der or .cacert may also work, or you
|
||||
can import the certificate using the certificate import wizard.
|
||||
|
||||
You can convert a certificate to DER form using the command:
|
||||
|
||||
openssl x509 -in ca.pem -outform DER -out ca.der
|
||||
|
||||
Occasionally someone suggests using a command such as:
|
||||
|
||||
openssl pkcs12 -export -out cacert.p12 -in cacert.pem -inkey cakey.pem
|
||||
|
||||
DO NOT DO THIS! This command will give away your CAs private key and
|
||||
reduces its security to zero: allowing anyone to forge certificates in
|
||||
whatever name they choose.
|
||||
|
||||
|
||||
[BUILD] =======================================================================
|
||||
|
||||
* Why does the linker complain about undefined symbols?
|
||||
|
||||
Maybe the compilation was interrupted, and make doesn't notice that
|
||||
@@ -375,186 +162,25 @@ If none of these helps, you may want to try using the current snapshot.
|
||||
If the problem persists, please submit a bug report.
|
||||
|
||||
|
||||
* Why does the OpenSSL test fail with "bc: command not found"?
|
||||
* Where can I get a compiled version of OpenSSL?
|
||||
|
||||
You didn't install "bc", the Unix calculator. If you want to run the
|
||||
tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
|
||||
Some applications that use OpenSSL are distributed in binary form.
|
||||
When using such an application, you don't need to install OpenSSL
|
||||
yourself; the application will include the required parts (e.g. DLLs).
|
||||
|
||||
If you want to install OpenSSL on a Windows system and you don't have
|
||||
a C compiler, read the "Mingw32" section of INSTALL.W32 for information
|
||||
on how to obtain and install the free GNU C compiler.
|
||||
|
||||
* Why does the OpenSSL test fail with "bc: 1 no implemented"?
|
||||
|
||||
On some SCO installations or versions, bc has a bug that gets triggered
|
||||
when you run the test suite (using "make test"). The message returned is
|
||||
"bc: 1 not implemented".
|
||||
|
||||
The best way to deal with this is to find another implementation of bc
|
||||
and compile/install it. GNU bc (see http://www.gnu.org/software/software.html
|
||||
for download instructions) can be safely used, for example.
|
||||
|
||||
|
||||
* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
|
||||
|
||||
On some Alpha installations running Tru64 Unix and Compaq C, the compilation
|
||||
of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual
|
||||
memory to continue compilation.' As far as the tests have shown, this may be
|
||||
a compiler bug. What happens is that it eats up a lot of resident memory
|
||||
to build something, probably a table. The problem is clearly in the
|
||||
optimization code, because if one eliminates optimization completely (-O0),
|
||||
the compilation goes through (and the compiler consumes about 2MB of resident
|
||||
memory instead of 240MB or whatever one's limit is currently).
|
||||
|
||||
There are three options to solve this problem:
|
||||
|
||||
1. set your current data segment size soft limit higher. Experience shows
|
||||
that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do
|
||||
this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
|
||||
kbytes to set the limit to.
|
||||
|
||||
2. If you have a hard limit that is lower than what you need and you can't
|
||||
get it changed, you can compile all of OpenSSL with -O0 as optimization
|
||||
level. This is however not a very nice thing to do for those who expect to
|
||||
get the best result from OpenSSL. A bit more complicated solution is the
|
||||
following:
|
||||
|
||||
----- snip:start -----
|
||||
make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \
|
||||
sed -e 's/ -O[0-9] / -O0 /'`"
|
||||
rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'`
|
||||
make
|
||||
----- snip:end -----
|
||||
|
||||
This will only compile sha_dgst.c with -O0, the rest with the optimization
|
||||
level chosen by the configuration process. When the above is done, do the
|
||||
test and installation and you're set.
|
||||
|
||||
|
||||
* Why does the OpenSSL compilation fail with "ar: command not found"?
|
||||
|
||||
Getting this message is quite usual on Solaris 2, because Sun has hidden
|
||||
away 'ar' and other development commands in directories that aren't in
|
||||
$PATH by default. One of those directories is '/usr/ccs/bin'. The
|
||||
quickest way to fix this is to do the following (it assumes you use sh
|
||||
or any sh-compatible shell):
|
||||
|
||||
----- snip:start -----
|
||||
PATH=${PATH}:/usr/ccs/bin; export PATH
|
||||
----- snip:end -----
|
||||
|
||||
and then redo the compilation. What you should really do is make sure
|
||||
'/usr/ccs/bin' is permanently in your $PATH, for example through your
|
||||
'.profile' (again, assuming you use a sh-compatible shell).
|
||||
|
||||
|
||||
* Why does the OpenSSL compilation fail on Win32 with VC++?
|
||||
|
||||
Sometimes, you may get reports from VC++ command line (cl) that it
|
||||
can't find standard include files like stdio.h and other weirdnesses.
|
||||
One possible cause is that the environment isn't correctly set up.
|
||||
To solve that problem, one should run VCVARS32.BAT which is found in
|
||||
the 'bin' subdirectory of the VC++ installation directory (somewhere
|
||||
under 'Program Files'). This needs to be done prior to running NMAKE,
|
||||
and the changes are only valid for the current DOS session.
|
||||
|
||||
|
||||
* What is special about OpenSSL on Redhat?
|
||||
|
||||
Red Hat Linux (release 7.0 and later) include a preinstalled limited
|
||||
version of OpenSSL. For patent reasons, support for IDEA, RC5 and MDC2
|
||||
is disabled in this version. The same may apply to other Linux distributions.
|
||||
Users may therefore wish to install more or all of the features left out.
|
||||
|
||||
To do this you MUST ensure that you do not overwrite the openssl that is in
|
||||
/usr/bin on your Red Hat machine. Several packages depend on this file,
|
||||
including sendmail and ssh. /usr/local/bin is a good alternative choice. The
|
||||
libraries that come with Red Hat 7.0 onwards have different names and so are
|
||||
not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
|
||||
/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
|
||||
/lib/libcrypto.so.2 respectively).
|
||||
|
||||
Please note that we have been advised by Red Hat attempting to recompile the
|
||||
openssl rpm with all the cryptography enabled will not work. All other
|
||||
packages depend on the original Red Hat supplied openssl package. It is also
|
||||
worth noting that due to the way Red Hat supplies its packages, updates to
|
||||
openssl on each distribution never change the package version, only the
|
||||
build number. For example, on Red Hat 7.1, the latest openssl package has
|
||||
version number 0.9.6 and build number 9 even though it contains all the
|
||||
relevant updates in packages up to and including 0.9.6b.
|
||||
|
||||
A possible way around this is to persuade Red Hat to produce a non-US
|
||||
version of Red Hat Linux.
|
||||
|
||||
FYI: Patent numbers and expiry dates of US patents:
|
||||
MDC-2: 4,908,861 13/03/2007
|
||||
IDEA: 5,214,703 25/05/2010
|
||||
RC5: 5,724,428 03/03/2015
|
||||
|
||||
|
||||
* Why does the OpenSSL test suite fail on MacOS X?
|
||||
|
||||
If the failure happens when running 'make test' and the RC4 test fails,
|
||||
it's very probable that you have OpenSSL 0.9.6b delivered with the
|
||||
operating system (you can find out by running '/usr/bin/openssl version')
|
||||
and that you were trying to build OpenSSL 0.9.6d. The problem is that
|
||||
the loader ('ld') in MacOS X has a misfeature that's quite difficult to
|
||||
go around and has linked the programs "openssl" and the test programs
|
||||
with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the
|
||||
libraries you just built.
|
||||
Look in the file PROBLEMS for a more detailed explanation and for possible
|
||||
solutions.
|
||||
|
||||
[PROG] ========================================================================
|
||||
|
||||
* Is OpenSSL thread-safe?
|
||||
|
||||
Yes (with limitations: an SSL connection may not concurrently be used
|
||||
by multiple threads). On Windows and many Unix systems, OpenSSL
|
||||
automatically uses the multi-threaded versions of the standard
|
||||
libraries. If your platform is not one of these, consult the INSTALL
|
||||
file.
|
||||
|
||||
Multi-threaded applications must provide two callback functions to
|
||||
OpenSSL. This is described in the threads(3) manpage.
|
||||
A number of Linux and *BSD distributions include OpenSSL.
|
||||
|
||||
|
||||
* I've compiled a program under Windows and it crashes: why?
|
||||
|
||||
This is usually because you've missed the comment in INSTALL.W32.
|
||||
Your application must link against the same version of the Win32
|
||||
C-Runtime against which your openssl libraries were linked. The
|
||||
default version for OpenSSL is /MD - "Multithreaded DLL".
|
||||
|
||||
If you are using Microsoft Visual C++'s IDE (Visual Studio), in
|
||||
many cases, your new project most likely defaulted to "Debug
|
||||
Singlethreaded" - /ML. This is NOT interchangeable with /MD and your
|
||||
program will crash, typically on the first BIO related read or write
|
||||
operation.
|
||||
|
||||
For each of the six possible link stage configurations within Win32,
|
||||
your application must link against the same by which OpenSSL was
|
||||
built. If you are using MS Visual C++ (Studio) this can be changed
|
||||
by:
|
||||
|
||||
1. Select Settings... from the Project Menu.
|
||||
2. Select the C/C++ Tab.
|
||||
3. Select "Code Generation from the "Category" drop down list box
|
||||
4. Select the Appropriate library (see table below) from the "Use
|
||||
run-time library" drop down list box. Perform this step for both
|
||||
your debug and release versions of your application (look at the
|
||||
top left of the settings panel to change between the two)
|
||||
|
||||
Single Threaded /ML - MS VC++ often defaults to
|
||||
this for the release
|
||||
version of a new project.
|
||||
Debug Single Threaded /MLd - MS VC++ often defaults to
|
||||
this for the debug version
|
||||
of a new project.
|
||||
Multithreaded /MT
|
||||
Debug Multithreaded /MTd
|
||||
Multithreaded DLL /MD - OpenSSL defaults to this.
|
||||
Debug Multithreaded DLL /MDd
|
||||
|
||||
Note that debug and release libraries are NOT interchangeable. If you
|
||||
built OpenSSL with /MD your application must use /MD and cannot use /MDd.
|
||||
This is usually because you've missed the comment in INSTALL.W32. You
|
||||
must link with the multithreaded DLL version of the VC++ runtime library
|
||||
otherwise the conflict will cause a program to crash: typically on the
|
||||
first BIO related read or write operation.
|
||||
|
||||
|
||||
* How do I read or write a DER encoded buffer using the ASN1 functions?
|
||||
@@ -568,7 +194,7 @@ unsigned char *buf, *p;
|
||||
int len;
|
||||
|
||||
len = i2d_PKCS7(p7, NULL);
|
||||
buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
|
||||
buf = OPENSSL_Malloc(len); /* or Malloc, error checking omitted */
|
||||
p = buf;
|
||||
i2d_PKCS7(p7, &p);
|
||||
|
||||
@@ -633,39 +259,174 @@ is forgetting to load OpenSSL's table of algorithms with
|
||||
OpenSSL_add_all_algorithms(). See the manual page for more information.
|
||||
|
||||
|
||||
* How do I create certificates or certificate requests?
|
||||
|
||||
Check out the CA.pl(1) manual page. This provides a simple wrapper round
|
||||
the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
|
||||
out the manual pages for the individual utilities and the certificate
|
||||
extensions documentation (currently in doc/openssl.txt).
|
||||
|
||||
|
||||
* Why can't I create certificate requests?
|
||||
|
||||
You typically get the error:
|
||||
|
||||
unable to find 'distinguished_name' in config
|
||||
problems making Certificate Request
|
||||
|
||||
This is because it can't find the configuration file. Check out the
|
||||
DIAGNOSTICS section of req(1) for more information.
|
||||
|
||||
|
||||
* Why does <SSL program> fail with a certificate verify error?
|
||||
|
||||
This problem is usually indicated by log messages saying something like
|
||||
"unable to get local issuer certificate" or "self signed certificate".
|
||||
When a certificate is verified its root CA must be "trusted" by OpenSSL
|
||||
this typically means that the CA certificate must be placed in a directory
|
||||
or file and the relevant program configured to read it. The OpenSSL program
|
||||
'verify' behaves in a similar way and issues similar error messages: check
|
||||
the verify(1) program manual page for more information.
|
||||
|
||||
|
||||
* Why can I only use weak ciphers when I connect to a server using OpenSSL?
|
||||
|
||||
This is almost certainly because you are using an old "export grade" browser
|
||||
which only supports weak encryption. Upgrade your browser to support 128 bit
|
||||
ciphers.
|
||||
|
||||
|
||||
* How can I create DSA certificates?
|
||||
|
||||
Check the CA.pl(1) manual page for a DSA certificate example.
|
||||
|
||||
|
||||
* Why can't I make an SSL connection to a server using a DSA certificate?
|
||||
|
||||
Typically you'll see a message saying there are no shared ciphers when
|
||||
the same setup works fine with an RSA certificate. There are two possible
|
||||
causes. The client may not support connections to DSA servers most web
|
||||
browsers (including Netscape and MSIE) only support connections to servers
|
||||
supporting RSA cipher suites. The other cause is that a set of DH parameters
|
||||
has not been supplied to the server. DH parameters can be created with the
|
||||
dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
|
||||
check the source to s_server in apps/s_server.c for an example.
|
||||
|
||||
|
||||
* How can I remove the passphrase on a private key?
|
||||
|
||||
Firstly you should be really *really* sure you want to do this. Leaving
|
||||
a private key unencrypted is a major security risk. If you decide that
|
||||
you do have to do this check the EXAMPLES sections of the rsa(1) and
|
||||
dsa(1) manual pages.
|
||||
|
||||
|
||||
* Why can't the OpenSSH configure script detect OpenSSL?
|
||||
|
||||
Several reasons for problems with the automatic detection exist.
|
||||
OpenSSH requires at least version 0.9.5a of the OpenSSL libraries.
|
||||
Sometimes the distribution has installed an older version in the system
|
||||
locations that is detected instead of a new one installed. The OpenSSL
|
||||
library might have been compiled for another CPU or another mode (32/64 bits).
|
||||
Permissions might be wrong.
|
||||
There is a problem with OpenSSH 1.2.2p1, in that the configure script
|
||||
can't find the installed OpenSSL libraries. The problem is actually
|
||||
a small glitch that is easily solved with the following patch to be
|
||||
applied to the OpenSSH distribution:
|
||||
|
||||
The general answer is to check the config.log file generated when running
|
||||
the OpenSSH configure script. It should contain the detailed information
|
||||
on why the OpenSSL library was not detected or considered incompatible.
|
||||
|
||||
* Can I use OpenSSL's SSL library with non-blocking I/O?
|
||||
|
||||
Yes; make sure to read the SSL_get_error(3) manual page!
|
||||
|
||||
A pitfall to avoid: Don't assume that SSL_read() will just read from
|
||||
the underlying transport or that SSL_write() will just write to it --
|
||||
it is also possible that SSL_write() cannot do any useful work until
|
||||
there is data to read, or that SSL_read() cannot do anything until it
|
||||
is possible to send data. One reason for this is that the peer may
|
||||
request a new TLS/SSL handshake at any time during the protocol,
|
||||
requiring a bi-directional message exchange; both SSL_read() and
|
||||
SSL_write() will try to continue any pending handshake.
|
||||
----- snip:start -----
|
||||
--- openssh-1.2.2p1/configure.in.orig Thu Mar 23 18:56:58 2000
|
||||
+++ openssh-1.2.2p1/configure.in Thu Mar 23 18:55:05 2000
|
||||
@@ -152,10 +152,10 @@
|
||||
AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
|
||||
for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
|
||||
if test ! -z "$ssldir" ; then
|
||||
- LIBS="$saved_LIBS -L$ssldir"
|
||||
+ LIBS="$saved_LIBS -L$ssldir/lib"
|
||||
CFLAGS="$CFLAGS -I$ssldir/include"
|
||||
if test "x$need_dash_r" = "x1" ; then
|
||||
- LIBS="$LIBS -R$ssldir"
|
||||
+ LIBS="$LIBS -R$ssldir/lib"
|
||||
fi
|
||||
fi
|
||||
LIBS="$LIBS -lcrypto"
|
||||
--- openssh-1.2.2p1/configure.orig Thu Mar 23 18:55:02 2000
|
||||
+++ openssh-1.2.2p1/configure Thu Mar 23 18:57:08 2000
|
||||
@@ -1890,10 +1890,10 @@
|
||||
echo "configure:1891: checking for OpenSSL/SSLeay directory" >&5
|
||||
for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
|
||||
if test ! -z "$ssldir" ; then
|
||||
- LIBS="$saved_LIBS -L$ssldir"
|
||||
+ LIBS="$saved_LIBS -L$ssldir/lib"
|
||||
CFLAGS="$CFLAGS -I$ssldir/include"
|
||||
if test "x$need_dash_r" = "x1" ; then
|
||||
- LIBS="$LIBS -R$ssldir"
|
||||
+ LIBS="$LIBS -R$ssldir/lib"
|
||||
fi
|
||||
fi
|
||||
LIBS="$LIBS -lcrypto"
|
||||
----- snip:end -----
|
||||
|
||||
|
||||
* Why doesn't my server application receive a client certificate?
|
||||
* Why does the OpenSSL test fail with "bc: command not found"?
|
||||
|
||||
Due to the TLS protocol definition, a client will only send a certificate,
|
||||
if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the
|
||||
SSL_CTX_set_verify() function to enable the use of client certificates.
|
||||
You didn't install "bc", the Unix calculator. If you want to run the
|
||||
tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
|
||||
|
||||
|
||||
===============================================================================
|
||||
* Why does the OpenSSL test fail with "bc: 1 no implemented"?
|
||||
|
||||
On some SCO installations or versions, bc has a bug that gets triggered when
|
||||
you run the test suite (using "make test"). The message returned is "bc:
|
||||
1 not implemented". The best way to deal with this is to find another
|
||||
implementation of bc and compile/install it. For example, GNU bc (see
|
||||
http://www.gnu.org/software/software.html for download instructions) can
|
||||
be safely used.
|
||||
|
||||
|
||||
* Why does the OpenSSL compilation fail on Alpha True64 Unix?
|
||||
|
||||
On some Alpha installations running True64 Unix and Compaq C, the compilation
|
||||
of crypto/sha/sha_dgst.c fails with the message 'Fatal: Insufficient virtual
|
||||
memory to continue compilation.' As far as the tests have shown, this may be
|
||||
a compiler bug. What happens is that it eats up a lot of resident memory
|
||||
to build something, probably a table. The problem is clearly in the
|
||||
optimization code, because if one eliminates optimization completely (-O0),
|
||||
the compilation goes through (and the compiler consumes about 2MB of resident
|
||||
memory instead of 240MB or whatever one's limit is currently).
|
||||
|
||||
There are three options to solve this problem:
|
||||
|
||||
1. set your current data segment size soft limit higher. Experience shows
|
||||
that about 241000 kbytes seems to be enough on an AlphaServer DS10. You do
|
||||
this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
|
||||
kbytes to set the limit to.
|
||||
|
||||
2. If you have a hard limit that is lower than what you need and you can't
|
||||
get it changed, you can compile all of OpenSSL with -O0 as optimization
|
||||
level. This is however not a very nice thing to do for those who expect to
|
||||
get the best result from OpenSSL. A bit more complicated solution is the
|
||||
following:
|
||||
|
||||
----- snip:start -----
|
||||
make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \
|
||||
sed -e 's/ -O[0-9] / -O0 /'`"
|
||||
rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'`
|
||||
make
|
||||
----- snip:end -----
|
||||
|
||||
This will only compile sha_dgst.c with -O0, the rest with the optimization
|
||||
level chosen by the configuration process. When the above is done, do the
|
||||
test and installation and you're set.
|
||||
|
||||
|
||||
* Why does the OpenSSL compilation fail with "ar: command not found"?
|
||||
|
||||
Getting this message is quite usual on Solaris 2, because Sun has hidden
|
||||
away 'ar' and other development commands in directories that aren't in
|
||||
$PATH by default. One of those directories is '/usr/ccs/bin'. The
|
||||
quickest way to fix this is to do the following (it assumes you use sh
|
||||
or any sh-compatible shell):
|
||||
|
||||
----- snip:start -----
|
||||
PATH=${PATH}:/usr/ccs/bin; export PATH
|
||||
----- snip:end -----
|
||||
|
||||
and then redo the compilation. What you should really do is make sure
|
||||
'/usr/ccs/bin' is permanently in your $PATH, for example through your
|
||||
'.profile' (again, assuming you use a sh-compatible shell).
|
||||
|
||||
|
||||
28
INSTALL
28
INSTALL
@@ -7,11 +7,8 @@
|
||||
|
||||
To install OpenSSL, you will need:
|
||||
|
||||
* make
|
||||
* Perl 5
|
||||
* an ANSI C compiler
|
||||
* a development environment in form of development libraries and C
|
||||
header files
|
||||
* a supported Unix operating system
|
||||
|
||||
Quick Start
|
||||
@@ -46,6 +43,9 @@
|
||||
--openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
|
||||
the library files and binaries are also installed there.
|
||||
|
||||
rsaref Build with RSADSI's RSAREF toolkit (this assumes that
|
||||
librsaref.a is in the library search path).
|
||||
|
||||
no-threads Don't try to build with support for multi-threaded
|
||||
applications.
|
||||
|
||||
@@ -57,10 +57,7 @@
|
||||
|
||||
shared In addition to the usual static libraries, create shared
|
||||
libraries on platforms where it's supported. See "Note on
|
||||
shared libraries" below. THIS IS NOT RECOMMENDED! Since
|
||||
this is a development branch, the positions of the ENGINE
|
||||
symbols in the transfer vector are constantly moving, so
|
||||
binary backward compatibility can't be guaranteed in any way.
|
||||
shared libraries" below.
|
||||
|
||||
no-asm Do not use assembler code.
|
||||
|
||||
@@ -128,14 +125,11 @@
|
||||
directory, and the binary will be in the "apps" directory.
|
||||
|
||||
If "make" fails, look at the output. There may be reasons for
|
||||
the failure that aren't problems in OpenSSL itself (like missing
|
||||
the failure that isn't a problem in OpenSSL itself (like missing
|
||||
standard headers). If it is a problem with OpenSSL itself, please
|
||||
report the problem to <openssl-bugs@openssl.org> (note that your
|
||||
message will be recorded in the request tracker publicly readable
|
||||
via http://www.openssl.org/rt2.html and will be forwarded to a public
|
||||
mailing list). Include the output of "make report" in your message.
|
||||
Please check out the request tracker. Maybe the bug was already
|
||||
reported or has already been fixed.
|
||||
message will be forwarded to a public mailing list). Include the
|
||||
output of "make report" in your message.
|
||||
|
||||
[If you encounter assembler error messages, try the "no-asm"
|
||||
configuration option as an immediate fix.]
|
||||
@@ -153,8 +147,7 @@
|
||||
try removing any compiler optimization flags from the CFLAGS line
|
||||
in Makefile.ssl and run "make clean; make". Please send a bug
|
||||
report to <openssl-bugs@openssl.org>, including the output of
|
||||
"make report" in order to be added to the request tracker at
|
||||
http://www.openssl.org/rt2.html.
|
||||
"make report".
|
||||
|
||||
4. If everything tests ok, install OpenSSL with
|
||||
|
||||
@@ -276,11 +269,6 @@
|
||||
Note on shared libraries
|
||||
------------------------
|
||||
|
||||
Shared library is currently an experimental feature. The only reason to
|
||||
have them would be to conserve memory on systems where several program
|
||||
are using OpenSSL. Binary backward compatibility can't be guaranteed
|
||||
before OpenSSL version 1.0.
|
||||
|
||||
For some systems, the OpenSSL Configure script knows what is needed to
|
||||
build shared libraries for libcrypto and libssl. On these systems,
|
||||
the shared libraries are currently not created by default, but giving
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
OpenSSL - Port To The Macintosh OS 9 or Earlier
|
||||
===============================================
|
||||
OpenSSL - Port To The Macintosh
|
||||
===============================
|
||||
|
||||
Thanks to Roy Wood <roy@centricsystems.ca> initial support for Mac OS (pre
|
||||
Thanks to Roy Wood <roy@centricsystems.ca> initial support for MacOS (pre
|
||||
X) is now provided. "Initial" means that unlike other platforms where you
|
||||
get an SDK and a "swiss army" openssl application, on Macintosh you only
|
||||
get one sample application which fetches a page over HTTPS(*) and dumps it
|
||||
@@ -42,7 +42,7 @@ Installation procedure:
|
||||
BSD sockets and some other POSIX APIs. The GUSI distribution is
|
||||
expected to be found in the same directory as openssl source tree,
|
||||
i.e. in the parent directory to the one where this very file,
|
||||
namely INSTALL.MacOS. For more information about GUSI, see
|
||||
namely INSTALL.MacOS. For more informations about GUSI, see
|
||||
http://www.iis.ee.ethz.ch/~neeri/macintosh/gusi-qa.html
|
||||
|
||||
Finally some essential comments from our generous contributor:-)
|
||||
|
||||
29
INSTALL.VMS
29
INSTALL.VMS
@@ -8,7 +8,6 @@ Intro:
|
||||
|
||||
This file is divided in the following parts:
|
||||
|
||||
Requirements - Mandatory reading.
|
||||
Checking the distribution - Mandatory reading.
|
||||
Compilation - Mandatory reading.
|
||||
Logical names - Mandatory reading.
|
||||
@@ -20,15 +19,6 @@ This file is divided in the following parts:
|
||||
TODO - Things that are to come.
|
||||
|
||||
|
||||
Requirements:
|
||||
=============
|
||||
|
||||
To build and install OpenSSL, you will need:
|
||||
|
||||
* DEC C or some other ANSI C compiler. VAX C is *not* supported.
|
||||
[Note: OpenSSL has only been tested with DEC C. Compiling with
|
||||
a different ANSI C compiler may require some work]
|
||||
|
||||
Checking the distribution:
|
||||
==========================
|
||||
|
||||
@@ -92,17 +82,12 @@ directory. The syntax is trhe following:
|
||||
RSAREF compile using the RSAREF Library
|
||||
NORSAREF compile without using RSAREF
|
||||
|
||||
Note 0: The RASREF library IS NO LONGER NEEDED. The RSA patent
|
||||
expires September 20, 2000, and RSA Security chose to make
|
||||
the algorithm public domain two weeks before that.
|
||||
|
||||
Note 1: If you still want to use RSAREF, the library is NOT INCLUDED
|
||||
and you have to download it. RSA Security doesn't carry it
|
||||
any more, but there are a number of places where you can find
|
||||
it. You have to get the ".tar-Z" file as the ".zip" file
|
||||
doesn't have the directory structure stored. You have to
|
||||
extract the file into the [.RSAREF] directory as that is where
|
||||
the scripts will look for the files.
|
||||
Note 1: The RSAREF libraries are NOT INCLUDED and you have to
|
||||
download it from "ftp://ftp.rsa.com/rsaref". You have to
|
||||
get the ".tar-Z" file as the ".zip" file doesn't have the
|
||||
directory structure stored. You have to extract the file
|
||||
into the [.RSAREF] directory as that is where the scripts
|
||||
will look for the files.
|
||||
|
||||
Note 2: I have never done this, so I've no idea if it works or not.
|
||||
|
||||
@@ -144,7 +129,7 @@ Currently, the logical names supported are:
|
||||
used. This is good to try if something doesn't work.
|
||||
OPENSSL_NO_'alg' with value YES, the corresponding crypto algorithm
|
||||
will not be implemented. Supported algorithms to
|
||||
do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD,
|
||||
do this with are: RSA, DSA, DH, MD2, MD5, RIPEMD,
|
||||
SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
|
||||
SSL2. So, for example, having the logical name
|
||||
OPENSSL_NO_RSA with the value YES means that the
|
||||
|
||||
66
INSTALL.W32
66
INSTALL.W32
@@ -2,19 +2,16 @@
|
||||
INSTALLATION ON THE WIN32 PLATFORM
|
||||
----------------------------------
|
||||
|
||||
Heres a few comments about building OpenSSL in Windows environments. Most
|
||||
of this is tested on Win32 but it may also work in Win 3.1 with some
|
||||
Heres a few comments about building OpenSSL in Windows environments. Most of
|
||||
this is tested on Win32 but it may also work in Win 3.1 with some
|
||||
modification.
|
||||
|
||||
You need Perl for Win32. Unless you will build on Cygwin, you will need
|
||||
ActiveState Perl, available from http://www.activestate.com/ActivePerl.
|
||||
For Cygwin users, there's more info in the Cygwin section.
|
||||
|
||||
You need Perl for Win32 (available from http://www.activestate.com/ActivePerl)
|
||||
and one of the following C compilers:
|
||||
|
||||
* Visual C++
|
||||
* Borland C
|
||||
* GNU C (Mingw32 or Cygwin)
|
||||
* GNU C (Mingw32 or Cygwin32)
|
||||
|
||||
If you want to compile in the assembly language routines with Visual C++ then
|
||||
you will need an assembler. This is worth doing because it will result in
|
||||
@@ -81,7 +78,7 @@
|
||||
|
||||
There are various changes you can make to the Win32 compile environment. By
|
||||
default the library is not compiled with debugging symbols. If you add 'debug'
|
||||
to the mk1mf.pl lines in the do_* batch file then debugging symbols will be
|
||||
to the mk1mk.pl lines in the do_* batch file then debugging symbols will be
|
||||
compiled in.
|
||||
|
||||
The default Win32 environment is to leave out any Windows NT specific
|
||||
@@ -94,18 +91,6 @@
|
||||
You can also build a static version of the library using the Makefile
|
||||
ms\nt.mak
|
||||
|
||||
Borland C++ builder 5
|
||||
---------------------
|
||||
|
||||
* Configure for building with Borland Builder:
|
||||
> perl Configure BC-32
|
||||
|
||||
* Create the appropriate makefile
|
||||
> ms\do_nasm
|
||||
|
||||
* Build
|
||||
> make -f ms\bcb.mak
|
||||
|
||||
Borland C++ builder 3 and 4
|
||||
---------------------------
|
||||
|
||||
@@ -123,8 +108,8 @@
|
||||
|
||||
* Compiler installation:
|
||||
|
||||
Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/
|
||||
gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. GNU make is at
|
||||
Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/
|
||||
mingw32/egcs-1.1.2/egcs-1.1.2-mingw32.zip>. GNU make is at
|
||||
<ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/
|
||||
make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run
|
||||
C:\egcs-1.1.2\mingw32.bat to set the PATH.
|
||||
@@ -149,30 +134,28 @@
|
||||
> cd out
|
||||
> ..\ms\test
|
||||
|
||||
GNU C (Cygwin)
|
||||
--------------
|
||||
GNU C (CygWin32)
|
||||
---------------
|
||||
|
||||
Cygwin provides a bash shell and GNU tools environment running on
|
||||
CygWin32 provides a bash shell and GNU tools environment running on
|
||||
NT 4.0, Windows 9x and Windows 2000. Consequently, a make of OpenSSL
|
||||
with Cygwin is closer to a GNU bash environment such as Linux rather
|
||||
with CygWin is closer to a GNU bash environment such as Linux rather
|
||||
than other W32 makes that are based on a single makefile approach.
|
||||
Cygwin implements Posix/Unix calls through cygwin1.dll, and is
|
||||
CygWin32 implements Posix/Unix calls through cygwin1.dll, and is
|
||||
contrasted to Mingw32 which links dynamically to msvcrt.dll or
|
||||
crtdll.dll.
|
||||
|
||||
To build OpenSSL using Cygwin:
|
||||
To build OpenSSL using CygWin32:
|
||||
|
||||
* Install Cygwin (see http://sourceware.cygnus.com/cygwin)
|
||||
* Install CygWin32 (see http://sourceware.cygnus.com/cygwin)
|
||||
|
||||
* Install Perl and ensure it is in the path (recent Cygwin perl
|
||||
(version 5.6.1-2 of the latter has been reported to work) or
|
||||
ActivePerl)
|
||||
* Install Perl and ensure it is in the path
|
||||
|
||||
* Run the Cygwin bash shell
|
||||
* Run the CygWin bash shell
|
||||
|
||||
* $ tar zxvf openssl-x.x.x.tar.gz
|
||||
$ cd openssl-x.x.x
|
||||
$ ./config
|
||||
$ ./Configure no-threads CygWin32
|
||||
[...]
|
||||
$ make
|
||||
[...]
|
||||
@@ -181,28 +164,27 @@
|
||||
|
||||
This will create a default install in /usr/local/ssl.
|
||||
|
||||
Cygwin Notes:
|
||||
CygWin32 Notes:
|
||||
|
||||
"make test" and normal file operations may fail in directories
|
||||
mounted as text (i.e. mount -t c:\somewhere /home) due to Cygwin
|
||||
mounted as text (i.e. mount -t c:\somewhere /home) due to CygWin
|
||||
stripping of carriage returns. To avoid this ensure that a binary
|
||||
mount is used, e.g. mount -b c:\somewhere /home.
|
||||
|
||||
As of version 1.1.1 Cygwin is relatively unstable in its handling
|
||||
As of version 1.1.1 CygWin32 is relatively unstable in its handling
|
||||
of cr/lf issues. These make procedures succeeded with versions 1.1 and
|
||||
the snapshot 20000524 (Slow!).
|
||||
|
||||
"bc" is not provided in the Cygwin distribution. This causes a
|
||||
"bc" is not provided in the CygWin32 distribution. This causes a
|
||||
non-fatal error in "make test" but is otherwise harmless. If
|
||||
desired, GNU bc can be built with Cygwin without change.
|
||||
desired, GNU bc can be built with CygWin32 without change.
|
||||
|
||||
|
||||
Installation
|
||||
------------
|
||||
|
||||
If you used the Cygwin procedure above, you have already installed and
|
||||
can skip this section. For all other procedures, there's currently no real
|
||||
installation procedure for Win32. There are, however, some suggestions:
|
||||
There's currently no real installation procedure for Win32. There are,
|
||||
however, some suggestions:
|
||||
|
||||
- do nothing. The include files are found in the inc32/ subdirectory,
|
||||
all binaries are found in out32dll/ or out32/ depending if you built
|
||||
|
||||
2
LICENSE
2
LICENSE
@@ -12,7 +12,7 @@
|
||||
---------------
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
||||
472
Makefile.org
472
Makefile.org
@@ -9,7 +9,6 @@ SHLIB_VERSION_NUMBER=
|
||||
SHLIB_VERSION_HISTORY=
|
||||
SHLIB_MAJOR=
|
||||
SHLIB_MINOR=
|
||||
SHLIB_EXT=
|
||||
PLATFORM=dist
|
||||
OPTIONS=
|
||||
CONFIGURE_ARGS=
|
||||
@@ -57,14 +56,13 @@ CC= gcc
|
||||
#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
|
||||
CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
|
||||
DEPFLAG=
|
||||
PEX_LIBS=
|
||||
PEX_LIBS= -L. -L.. -L../.. -L../../..
|
||||
EX_LIBS=
|
||||
EXE_EXT=
|
||||
AR=ar r
|
||||
RANLIB= ranlib
|
||||
PERL= perl
|
||||
TAR= tar
|
||||
TARFLAGS= --no-recursion
|
||||
TARFLAGS= --norecurse
|
||||
|
||||
# Set BN_ASM to bn_asm.o if you want to use the C version
|
||||
BN_ASM= bn_asm.o
|
||||
@@ -151,18 +149,21 @@ RMD160_ASM_OBJ= asm/rm86-out.o
|
||||
#RMD160_ASM_OBJ= asm/rm86-out.o # a.out, FreeBSD
|
||||
#RMD160_ASM_OBJ= asm/rm86bsdi.o # bsdi
|
||||
|
||||
# To do special treatment, use "directory names" starting with a period.
|
||||
# When we're prepared to use shared libraries in the programs we link here
|
||||
# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
|
||||
SHLIB_MARK=
|
||||
# we might have SHLIB_MARK1 get the value ".shlib." and SHLIB_MARK2 be empty,
|
||||
# or have that configurable.
|
||||
SHLIB_MARK1=.shlib-clean.
|
||||
SHLIB_MARK2=.shlib.
|
||||
|
||||
DIRS= crypto ssl rsaref $(SHLIB_MARK) apps test tools
|
||||
DIRS= crypto ssl rsaref $(SHLIB_MARK1) apps test tools $(SHLIB_MARK2)
|
||||
SHLIBDIRS= crypto ssl
|
||||
|
||||
# dirs in crypto to build
|
||||
SDIRS= \
|
||||
md2 md4 md5 sha mdc2 hmac ripemd \
|
||||
des rc2 rc4 rc5 idea bf cast \
|
||||
bn rsa dsa dh dso engine \
|
||||
bn rsa dsa dh dso \
|
||||
buffer bio stack lhash rand err objects \
|
||||
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp
|
||||
|
||||
@@ -179,11 +180,7 @@ ONEDIRS=out tmp
|
||||
EDIRS= times doc bugs util include certs ms shlib mt demos perl sf dep VMS
|
||||
WDIRS= windows
|
||||
LIBS= libcrypto.a libssl.a
|
||||
SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
|
||||
SHARED_SSL=libssl$(SHLIB_EXT)
|
||||
SHARED_LIBS=
|
||||
SHARED_LIBS_LINK_EXTS=
|
||||
SHARED_LDFLAGS=
|
||||
SHARED_LIBS=libcrypto.so libssl.so
|
||||
|
||||
GENERAL= Makefile
|
||||
BASENAME= openssl
|
||||
@@ -193,290 +190,108 @@ WTARFILE= $(NAME)-win.tar
|
||||
EXHEADER= e_os.h e_os2.h
|
||||
HEADER= e_os.h
|
||||
|
||||
# When we're prepared to use shared libraries in the programs we link here
|
||||
# we might remove 'clean-shared' from the targets to perform at this stage
|
||||
|
||||
all: clean-shared Makefile.ssl sub_all
|
||||
|
||||
sub_all:
|
||||
@for i in $(DIRS); \
|
||||
all: Makefile.ssl
|
||||
@need_shlib=true; \
|
||||
for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
(cd $$i && echo "making all in $$i..." && \
|
||||
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' all ) || exit 1; \
|
||||
if [ "$$i" = ".shlib-clean." ]; then \
|
||||
if [ "$(SHLIB_TARGET)" != "" ]; then \
|
||||
$(MAKE) clean-shared; \
|
||||
fi; \
|
||||
elif [ "$$i" = ".shlib." ]; then \
|
||||
if [ "$(SHLIB_TARGET)" != "" ]; then \
|
||||
$(MAKE) $(SHARED_LIBS); \
|
||||
fi; \
|
||||
need_shlib=false; \
|
||||
else \
|
||||
$(MAKE) $$i; \
|
||||
(cd $$i && echo "making all in $$i..." && \
|
||||
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
|
||||
fi; \
|
||||
done; \
|
||||
if echo "$(DIRS)" | \
|
||||
egrep '(^| )(crypto|ssl)( |$$)' > /dev/null 2>&1 && \
|
||||
[ -n "$(SHARED_LIBS)" ]; then \
|
||||
if $$need_shlib && [ "$(SHLIB_MARK1)" != "" -o "$(SHLIB_MARK1)" != "" ]; then \
|
||||
$(MAKE) $(SHARED_LIBS); \
|
||||
fi
|
||||
|
||||
libcrypto$(SHLIB_EXT): libcrypto.a
|
||||
sub_all:
|
||||
@need_shlib=true; \
|
||||
for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ "$$i" = ".shlib-clean." ]; then \
|
||||
if [ "$(SHLIB_TARGET)" != "" ]; then \
|
||||
$(MAKE) clean-shared; \
|
||||
fi; \
|
||||
elif [ "$$i" = ".shlib." ]; then \
|
||||
if [ "$(SHLIB_TARGET)" != "" ]; then \
|
||||
$(MAKE) $(SHARED_LIBS); \
|
||||
fi; \
|
||||
need_shlib=false; \
|
||||
else \
|
||||
(cd $$i && echo "making all in $$i..." && \
|
||||
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
|
||||
fi; \
|
||||
done; \
|
||||
if $$need_shlib && [ "$(SHLIB_MARK1)" != "" -o "$(SHLIB_MARK1)" != "" ]; then \
|
||||
$(MAKE) $(SHARED_LIBS); \
|
||||
fi
|
||||
|
||||
libcrypto.so: libcrypto.a
|
||||
@if [ "$(SHLIB_TARGET)" != "" ]; then \
|
||||
$(MAKE) SHLIBDIRS=crypto build-shared; \
|
||||
$(MAKE) SHLIBDIRS=crypto $(SHLIB_TARGET); \
|
||||
else \
|
||||
echo "There's no support for shared libraries on this platform" >&2; \
|
||||
fi
|
||||
libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
|
||||
libssl.so: libcrypto.so libssl.a
|
||||
@if [ "$(SHLIB_TARGET)" != "" ]; then \
|
||||
$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
|
||||
$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-L. -lcrypto' $(SHLIB_TARGET); \
|
||||
else \
|
||||
echo "There's no support for shared libraries on this platform" >&2; \
|
||||
fi
|
||||
|
||||
clean-shared:
|
||||
@for i in $(SHLIBDIRS); do \
|
||||
if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
|
||||
tmp="$(SHARED_LIBS_LINK_EXTS)"; \
|
||||
for j in $${tmp:-x}; do \
|
||||
( set -x; rm -f lib$$i$$j ); \
|
||||
done; \
|
||||
fi; \
|
||||
( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
|
||||
if [ "$(PLATFORM)" = "Cygwin" ]; then \
|
||||
( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
|
||||
fi; \
|
||||
for i in ${SHLIBDIRS}; do \
|
||||
rm -f lib$$i.so \
|
||||
lib$$i.so.${SHLIB_MAJOR} \
|
||||
lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
|
||||
done
|
||||
|
||||
link-shared:
|
||||
@if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
|
||||
tmp="$(SHARED_LIBS_LINK_EXTS)"; \
|
||||
for i in $(SHLIBDIRS); do \
|
||||
prev=lib$$i$(SHLIB_EXT); \
|
||||
for j in $${tmp:-x}; do \
|
||||
( set -x; \
|
||||
rm -f lib$$i$$j; ln -s $$prev lib$$i$$j ); \
|
||||
prev=lib$$i$$j; \
|
||||
done; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
build-shared: clean-shared do_$(SHLIB_TARGET) link-shared
|
||||
|
||||
do_bsd-gcc-shared: do_gnu-shared
|
||||
do_linux-shared: do_gnu-shared
|
||||
do_gnu-shared:
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Wl,-Bsymbolic \
|
||||
linux-shared:
|
||||
libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
rm -f lib$$i.so \
|
||||
lib$$i.so.${SHLIB_MAJOR} \
|
||||
lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
|
||||
( set -x; ${CC} -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR} \
|
||||
-Wl,--whole-archive lib$$i.a \
|
||||
-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done
|
||||
|
||||
DETECT_GNU_LD=${CC} -v 2>&1 | grep '^gcc' >/dev/null 2>&1 && \
|
||||
collect2=`gcc -print-prog-name=collect2 2>&1` && \
|
||||
[ -n "$$collect2" ] && \
|
||||
my_ld=`$$collect2 --help 2>&1 | grep Usage: | sed 's/^Usage: *\([^ ][^ ]*\).*/\1/'` && \
|
||||
[ -n "$$my_ld" ] && \
|
||||
$$my_ld -v 2>&1 | grep 'GNU ld' >/dev/null 2>&1
|
||||
|
||||
# For Darwin AKA Mac OS/X (dyld)
|
||||
do_darwin-shared:
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x ; ${CC} --verbose -dynamiclib -o lib$$i${SHLIB_EXT} \
|
||||
lib$$i.a $$libs -all_load -current_version ${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR} | cut -d. -f1` \
|
||||
-install_name ${INSTALLTOP}/lib/lib$$i${SHLIB_EXT} ) || exit 1; \
|
||||
libs="$$libs -l`basename $$i${SHLIB_EXT} .dylib`"; \
|
||||
echo "" ; \
|
||||
done
|
||||
|
||||
do_cygwin-shared:
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} -shared -o cyg$$i.dll \
|
||||
-Wl,-Bsymbolic \
|
||||
-Wl,--whole-archive lib$$i.a \
|
||||
-Wl,--out-implib,lib$$i.dll.a \
|
||||
-Wl,--no-whole-archive $$libs ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
do_alpha-osf1-shared:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -o lib$$i.so \
|
||||
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
|
||||
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
# The difference between alpha-osf1-shared and tru64-shared is the `-msym'
|
||||
# option passed to the linker.
|
||||
do_tru64-shared:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -msym -o lib$$i.so \
|
||||
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
|
||||
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
# The difference between tru64-shared and tru64-shared-rpath is the
|
||||
# -rpath ${INSTALLTOP}/lib passed to the linker.
|
||||
do_tru64-shared-rpath:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -msym -o lib$$i.so \
|
||||
-rpath ${INSTALLTOP}/lib \
|
||||
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
|
||||
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
do_solaris-shared:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
|
||||
set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
# OpenServer 5 native compilers used
|
||||
do_svr3-shared:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
|
||||
find . -name "*.o" -print > allobjs ; \
|
||||
OBJS= ; export OBJS ; \
|
||||
for obj in `ar t lib$$i.a` ; do \
|
||||
OBJS="$${OBJS} `grep $$obj allobjs`" ; \
|
||||
done ; \
|
||||
set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
# UnixWare 7 and OpenUNIX 8 native compilers used
|
||||
do_svr5-shared:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
|
||||
find . -name "*.o" -print > allobjs ; \
|
||||
OBJS= ; export OBJS ; \
|
||||
for obj in `ar t lib$$i.a` ; do \
|
||||
OBJS="$${OBJS} `grep $$obj allobjs`" ; \
|
||||
done ; \
|
||||
set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
$${OBJS} $$libs ${EX_LIBS} ) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
do_irix-shared:
|
||||
if ${DETECT_GNU_LD}; then \
|
||||
$(MAKE) do_gnu-shared; \
|
||||
else \
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} ${SHARED_LDFLAGS} \
|
||||
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
done; \
|
||||
fi
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
do_hpux-shared:
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
|
||||
+vnocompatwarnings \
|
||||
-b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-Fl lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} ; \
|
||||
libs="$$libs -L. -l$$i"; \
|
||||
done
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
do_hpux64-shared:
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
|
||||
-b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
+forceload lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} ; \
|
||||
libs="$$libs -L. -l$$i"; \
|
||||
done
|
||||
|
||||
# The following method is said to work on all platforms. Tests will
|
||||
# determine if that's how it's gong to be used.
|
||||
# This assumes that for all but GNU systems, GNU utilities are *not* used.
|
||||
# ALLSYMSFLAGS would be:
|
||||
# GNU systems: --whole-archive
|
||||
# Tru64 Unix: -all
|
||||
# Solaris: -z allextract
|
||||
# Irix: -all
|
||||
# HP/UX-32bit: -Fl
|
||||
# HP/UX-64bit: +forceload
|
||||
# AIX: -bnogc
|
||||
# SHAREDFLAGS would be:
|
||||
# GNU systems: -shared -Wl,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
|
||||
# Tru64 Unix: -shared \
|
||||
# -set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}"
|
||||
# Solaris: -G -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
|
||||
# Irix: -shared -Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
|
||||
# HP/UX-32bit: +vnocompatwarnings -b -z +s \
|
||||
# +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}
|
||||
# HP/UX-64bit: -b -z +h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}
|
||||
# AIX: -G -bE:lib$$i.exp -bM:SRE
|
||||
# SHAREDCMD would be:
|
||||
# GNU systems: $(CC)
|
||||
# Tru64 Unix: $(CC)
|
||||
# Solaris: $(CC)
|
||||
# Irix: $(CC)
|
||||
# HP/UX-32bit: /usr/ccs/bin/ld
|
||||
# HP/UX-64bit: /usr/ccs/bin/ld
|
||||
# AIX: $(CC)
|
||||
ALLSYMSFLAG=-bnogc
|
||||
SHAREDFLAGS=${SHARED_LDFLAGS} -G -bE:lib$$i.exp -bM:SRE
|
||||
SHAREDCMD=$(CC)
|
||||
do_aix-shared:
|
||||
libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; \
|
||||
ld -r -o $$i.o $(ALLSYMSFLAG) lib$$i.a && \
|
||||
( nm -Pg lib$$i.o | grep ' [BD] ' | cut -f1 -d' ' > lib$$i.exp; \
|
||||
$(SHAREDCMD) $(SHAREDFLAG) -o lib$$i.so lib$$i.o \
|
||||
$$libs ${EX_LIBS} ) ) \
|
||||
|| exit 1; \
|
||||
libs="$$libs -l$$i"; \
|
||||
ln -s lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
lib$$i.so.${SHLIB_MAJOR}; \
|
||||
ln -s lib$$i.so.${SHLIB_MAJOR} lib$$i.so ); \
|
||||
done
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
true64-shared:
|
||||
libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
( set -x; ${CC} -shared -no_archive -o lib$$i.so \
|
||||
-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
|
||||
-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -L. -l$$i"; \
|
||||
done
|
||||
|
||||
# This assumes that GNU utilities are *not* used
|
||||
solaris-shared:
|
||||
libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
|
||||
rm -f lib$$i.so \
|
||||
lib$$i.so.${SHLIB_MAJOR} \
|
||||
lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
|
||||
( set -x; ${CC} -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
-h lib$$i.so.${SHLIB_MAJOR} \
|
||||
-z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
|
||||
libs="$$libs -L. -l$$i"; \
|
||||
ln -s lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
|
||||
lib$$i.so.${SHLIB_MAJOR}; \
|
||||
ln -s lib$$i.so.${SHLIB_MAJOR} lib$$i.so; \
|
||||
done
|
||||
|
||||
Makefile.ssl: Makefile.org
|
||||
@@ -491,7 +306,7 @@ clean:
|
||||
rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making clean in $$i..." && \
|
||||
$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
|
||||
rm -f $(LIBS); \
|
||||
@@ -512,7 +327,7 @@ files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making 'files' in $$i..." && \
|
||||
$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
|
||||
fi; \
|
||||
@@ -523,7 +338,7 @@ links:
|
||||
@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
|
||||
@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
|
||||
@for i in $(DIRS); do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making links in $$i..." && \
|
||||
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' links ) || exit 1; \
|
||||
fi; \
|
||||
@@ -533,7 +348,7 @@ dclean:
|
||||
rm -f *.bak
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making dclean in $$i..." && \
|
||||
$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
|
||||
fi; \
|
||||
@@ -548,7 +363,7 @@ test: tests
|
||||
|
||||
tests: rehash
|
||||
@(cd test && echo "testing..." && \
|
||||
$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' OPENSSL_DEBUG_MEMORY=on tests );
|
||||
$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
|
||||
@apps/openssl version -a
|
||||
|
||||
report:
|
||||
@@ -557,16 +372,16 @@ report:
|
||||
depend:
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making dependencies $$i..." && \
|
||||
$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ) || exit 1; \
|
||||
$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' depend ) || exit 1; \
|
||||
fi; \
|
||||
done;
|
||||
|
||||
lint:
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making lint $$i..." && \
|
||||
$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
|
||||
fi; \
|
||||
@@ -575,55 +390,49 @@ lint:
|
||||
tags:
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i && echo "making tags $$i..." && \
|
||||
$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
|
||||
fi; \
|
||||
done;
|
||||
|
||||
errors:
|
||||
$(PERL) util/mkerr.pl -recurse -write
|
||||
perl util/mkerr.pl -recurse -write
|
||||
|
||||
stacks:
|
||||
$(PERL) util/mkstack.pl -write
|
||||
perl util/mkstack.pl -write
|
||||
|
||||
util/libeay.num::
|
||||
$(PERL) util/mkdef.pl crypto update
|
||||
perl util/mkdef.pl crypto update
|
||||
|
||||
util/ssleay.num::
|
||||
$(PERL) util/mkdef.pl ssl update
|
||||
perl util/mkdef.pl ssl update
|
||||
|
||||
crypto/objects/obj_dat.h: crypto/objects/obj_mac.h crypto/objects/obj_dat.pl
|
||||
$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
|
||||
perl crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
|
||||
crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt
|
||||
$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
|
||||
perl crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
|
||||
|
||||
TABLE: Configure
|
||||
(echo 'Output of `Configure TABLE'"':"; \
|
||||
$(PERL) Configure TABLE) > TABLE
|
||||
perl Configure TABLE) > TABLE
|
||||
|
||||
update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
|
||||
|
||||
# Build distribution tar-file. As the list of files returned by "find" is
|
||||
# pretty long, on several platforms a "too many arguments" error or similar
|
||||
# would occur. Therefore the list of files is temporarily stored into a file
|
||||
# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
|
||||
# tar does not support the --files-from option.
|
||||
tar:
|
||||
find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
|
||||
$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
|
||||
@$(TAR) $(TARFLAGS) -cvf - \
|
||||
`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort` |\
|
||||
tardy --user_number=0 --user_name=openssl \
|
||||
--group_number=0 --group_name=openssl \
|
||||
--prefix=openssl-$(VERSION) - |\
|
||||
gzip --best >../$(TARFILE).gz; \
|
||||
rm -f ../$(TARFILE).list; \
|
||||
ls -l ../$(TARFILE).gz
|
||||
|
||||
dist:
|
||||
$(PERL) Configure dist
|
||||
@$(MAKE) dist_pem_h
|
||||
@$(MAKE) SDIRS='${SDIRS}' clean
|
||||
@$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
|
||||
@$(MAKE) tar
|
||||
|
||||
dist_pem_h:
|
||||
(cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
|
||||
@@ -643,9 +452,9 @@ install: all install_docs
|
||||
done;
|
||||
@for i in $(DIRS) ;\
|
||||
do \
|
||||
if [ -d "$$i" ]; then \
|
||||
if echo "$$i" | grep -v '^\.'; then \
|
||||
(cd $$i; echo "installing $$i..."; \
|
||||
$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' install ); \
|
||||
$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' install ); \
|
||||
fi; \
|
||||
done
|
||||
@for i in $(LIBS) ;\
|
||||
@@ -655,31 +464,8 @@ install: all install_docs
|
||||
cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
|
||||
$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
|
||||
fi; \
|
||||
fi \
|
||||
done
|
||||
@if [ -n "$(SHARED_LIBS)" ]; then \
|
||||
tmp="$(SHARED_LIBS)"; \
|
||||
for i in $${tmp:-x}; \
|
||||
do \
|
||||
if [ -f "$$i" -o -f "$$i.a" ]; then \
|
||||
( echo installing $$i; \
|
||||
if [ "$(PLATFORM)" != "Cygwin" ]; then \
|
||||
cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
|
||||
chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
|
||||
else \
|
||||
c=`echo $$i | sed 's/^lib/cyg/'`; \
|
||||
cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
|
||||
chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
|
||||
cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
|
||||
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
|
||||
fi ); \
|
||||
fi; \
|
||||
done; \
|
||||
( here="`pwd`"; \
|
||||
cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
|
||||
set $(MAKE); \
|
||||
$$1 -f $$here/Makefile link-shared ); \
|
||||
fi
|
||||
|
||||
install_docs:
|
||||
@$(PERL) $(TOP)/util/mkdir-p.pl \
|
||||
@@ -687,26 +473,30 @@ install_docs:
|
||||
$(INSTALL_PREFIX)$(MANDIR)/man3 \
|
||||
$(INSTALL_PREFIX)$(MANDIR)/man5 \
|
||||
$(INSTALL_PREFIX)$(MANDIR)/man7
|
||||
@pod2man=`cd util; ./pod2mantest ignore`; \
|
||||
for i in doc/apps/*.pod; do \
|
||||
@echo installing man 1 and man 5
|
||||
@for i in doc/apps/*.pod; do \
|
||||
fn=`basename $$i .pod`; \
|
||||
if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
|
||||
echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
|
||||
(cd `$(PERL) util/dirname.pl $$i`; \
|
||||
sh -c "$(PERL) $$pod2man \
|
||||
--section=$$sec --center=OpenSSL \
|
||||
--release=$(VERSION) `basename $$i`") \
|
||||
sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \
|
||||
(cd `dirname $$i`; \
|
||||
$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
|
||||
--release=$(VERSION) `basename $$i`) \
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
|
||||
done; \
|
||||
for i in doc/crypto/*.pod doc/ssl/*.pod; do \
|
||||
done
|
||||
@echo installing man 3 and man 7
|
||||
@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
|
||||
fn=`basename $$i .pod`; \
|
||||
if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
|
||||
echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
|
||||
(cd `$(PERL) util/dirname.pl $$i`; \
|
||||
sh -c "$(PERL) $$pod2man \
|
||||
--section=$$sec --center=OpenSSL \
|
||||
--release=$(VERSION) `basename $$i`") \
|
||||
sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \
|
||||
(cd `dirname $$i`; \
|
||||
$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
|
||||
--release=$(VERSION) `basename $$i`) \
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
|
||||
done
|
||||
|
||||
shlib: all
|
||||
if [ ! -d shlib_dir ] ; then mkdir shlib_dir ; else rm -f shlib_dir/* ; fi
|
||||
cd shlib_dir ; ar -x ../libcrypto.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libcrypto.so.0.9 \
|
||||
-o ./libcrypto.so.0.9.4 && rm *.o
|
||||
cd shlib_dir ; ar -x ../libssl.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libssl.so.0.9 \
|
||||
-o ./libssl.so.0.9.4 && rm *.o
|
||||
|
||||
# DO NOT DELETE THIS LINE -- make depend depends on it.
|
||||
|
||||
88
NEWS
88
NEWS
@@ -5,94 +5,6 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g:
|
||||
|
||||
o Important building fixes on Unix.
|
||||
|
||||
Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
|
||||
|
||||
o Various important bugfixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
|
||||
|
||||
o Important security related bugfixes.
|
||||
o Various SSL/TLS library bugfixes.
|
||||
|
||||
Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
|
||||
|
||||
o Various SSL/TLS library bugfixes.
|
||||
o Fix DH parameter generation for 'non-standard' generators.
|
||||
|
||||
Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c:
|
||||
|
||||
o Various SSL/TLS library bugfixes.
|
||||
o BIGNUM library fixes.
|
||||
o RSA OAEP and random number generation fixes.
|
||||
o Object identifiers corrected and added.
|
||||
o Add assembler BN routines for IA64.
|
||||
o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
|
||||
MIPS Linux; shared library support for Irix, HP-UX.
|
||||
o Add crypto accelerator support for AEP, Baltimore SureWare,
|
||||
Broadcom and Cryptographic Appliance's keyserver
|
||||
[in 0.9.6c-engine release].
|
||||
|
||||
Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b:
|
||||
|
||||
o Security fix: PRNG improvements.
|
||||
o Security fix: RSA OAEP check.
|
||||
o Security fix: Reinsert and fix countermeasure to Bleichbacher's
|
||||
attack.
|
||||
o MIPS bug fix in BIGNUM.
|
||||
o Bug fix in "openssl enc".
|
||||
o Bug fix in X.509 printing routine.
|
||||
o Bug fix in DSA verification routine and DSA S/MIME verification.
|
||||
o Bug fix to make PRNG thread-safe.
|
||||
o Bug fix in RAND_file_name().
|
||||
o Bug fix in compatibility mode trust settings.
|
||||
o Bug fix in blowfish EVP.
|
||||
o Increase default size for BIO buffering filter.
|
||||
o Compatibility fixes in some scripts.
|
||||
|
||||
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
|
||||
|
||||
o Security fix: change behavior of OpenSSL to avoid using
|
||||
environment variables when running as root.
|
||||
o Security fix: check the result of RSA-CRT to reduce the
|
||||
possibility of deducing the private key from an incorrectly
|
||||
calculated signature.
|
||||
o Security fix: prevent Bleichenbacher's DSA attack.
|
||||
o Security fix: Zero the premaster secret after deriving the
|
||||
master secret in DH ciphersuites.
|
||||
o Reimplement SSL_peek(), which had various problems.
|
||||
o Compatibility fix: the function des_encrypt() renamed to
|
||||
des_encrypt1() to avoid clashes with some Unixen libc.
|
||||
o Bug fixes for Win32, HP/UX and Irix.
|
||||
o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
|
||||
memory checking routines.
|
||||
o Bug fixes for RSA operations in threaded environments.
|
||||
o Bug fixes in misc. openssl applications.
|
||||
o Remove a few potential memory leaks.
|
||||
o Add tighter checks of BIGNUM routines.
|
||||
o Shared library support has been reworked for generality.
|
||||
o More documentation.
|
||||
o New function BN_rand_range().
|
||||
o Add "-rand" option to openssl s_client and s_server.
|
||||
|
||||
Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
|
||||
|
||||
o Some documentation for BIO and SSL libraries.
|
||||
o Enhanced chain verification using key identifiers.
|
||||
o New sign and verify options to 'dgst' application.
|
||||
o Support for DER and PEM encoded messages in 'smime' application.
|
||||
o New 'rsautl' application, low level RSA utility.
|
||||
o MD4 now included.
|
||||
o Bugfix for SSL rollback padding check.
|
||||
o Support for external crypto devices [1].
|
||||
o Enhanced EVP interface.
|
||||
|
||||
[1] The support for external crypto devices is currently a separate
|
||||
distribution. See the file README.ENGINE.
|
||||
|
||||
Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
|
||||
|
||||
o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
|
||||
|
||||
42
PROBLEMS
42
PROBLEMS
@@ -1,42 +0,0 @@
|
||||
* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X.
|
||||
[NOTE: This is currently undergoing tests, and may be removed soon]
|
||||
|
||||
This is really a misfeature in ld, which seems to look for .dylib libraries
|
||||
along the whole library path before it bothers looking for .a libraries. This
|
||||
means that -L switches won't matter unless OpenSSL is built with shared
|
||||
library support.
|
||||
|
||||
The workaround may be to change the following lines in apps/Makefile.ssl and
|
||||
test/Makefile.ssl:
|
||||
|
||||
LIBCRYPTO=-L.. -lcrypto
|
||||
LIBSSL=-L.. -lssl
|
||||
|
||||
to:
|
||||
|
||||
LIBCRYPTO=../libcrypto.a
|
||||
LIBSSL=../libssl.a
|
||||
|
||||
It's possible that something similar is needed for shared library support
|
||||
as well. That hasn't been well tested yet.
|
||||
|
||||
|
||||
Another solution that many seem to recommend is to move the libraries
|
||||
/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different
|
||||
directory, build and install OpenSSL and anything that depends on your
|
||||
build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their
|
||||
original places. Note that the version numbers on those two libraries
|
||||
may differ on your machine.
|
||||
|
||||
|
||||
As long as Apple doesn't fix the problem with ld, this problem building
|
||||
OpenSSL will remain as is.
|
||||
|
||||
|
||||
* Parallell make leads to errors
|
||||
|
||||
While running tests, running a parallell make is a bad idea. Many test
|
||||
scripts use the same name for output and input files, which means different
|
||||
will interfere with each other and lead to test failure.
|
||||
|
||||
The solution is simple for now: don't run parallell make when testing.
|
||||
34
README
34
README
@@ -1,7 +1,7 @@
|
||||
|
||||
OpenSSL 0.9.6g [engine] 9 August 2002
|
||||
OpenSSL 0.9.6-beta1 11 Sep 2000
|
||||
|
||||
Copyright (c) 1998-2002 The OpenSSL Project
|
||||
Copyright (c) 1998-2000 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
All rights reserved.
|
||||
|
||||
@@ -62,7 +62,7 @@
|
||||
|
||||
X.509v3 certificates
|
||||
X509 encoding/decoding into/from binary ASN1 and a PEM
|
||||
based ASCII-binary encoding which supports encryption with a
|
||||
based ascii-binary encoding which supports encryption with a
|
||||
private key. Program to generate RSA and DSA certificate
|
||||
requests and to generate RSA and DSA certificates.
|
||||
|
||||
@@ -97,7 +97,7 @@
|
||||
locations around the world. _YOU_ are responsible for ensuring that your use
|
||||
of any algorithms is legal by checking if there are any patents in your
|
||||
country. The file contains some of the patents that we know about or are
|
||||
rumored to exist. This is not a definitive list.
|
||||
rumoured to exist. This is not a definitive list.
|
||||
|
||||
RSA Security holds software patents on the RC5 algorithm. If you
|
||||
intend to use this cipher, you must contact RSA Security for
|
||||
@@ -107,8 +107,8 @@
|
||||
only be used with RSA Security's permission.
|
||||
|
||||
The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
|
||||
Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA. They
|
||||
should be contacted if that algorithm is to be used; their web page is
|
||||
Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA. They should
|
||||
be contacted if that algorithm is to be used, their web page is
|
||||
http://www.ascom.ch/.
|
||||
|
||||
INSTALLATION
|
||||
@@ -119,15 +119,8 @@
|
||||
INSTALL.VMS.
|
||||
|
||||
Read the documentation in the doc/ directory. It is quite rough, but it
|
||||
lists the functions; you will probably have to look at the code to work out
|
||||
how to use them. Look at the example programs.
|
||||
|
||||
PROBLEMS
|
||||
--------
|
||||
|
||||
For some platforms, there are some known problems that may affect the user
|
||||
or application author. We try to collect those in doc/PROBLEMS, with current
|
||||
thoughts on how they should be solved in a future of OpenSSL.
|
||||
lists the functions, you will probably have to look at the code to work out
|
||||
how to used them. Look at the example programs.
|
||||
|
||||
SUPPORT
|
||||
-------
|
||||
@@ -153,13 +146,11 @@
|
||||
- Problem Description (steps that will reproduce the problem, if known)
|
||||
- Stack Traceback (if the application dumps core)
|
||||
|
||||
Report the bug to the OpenSSL project via the Request Tracker
|
||||
(http://www.openssl.org/rt2.html) by mail to:
|
||||
Report the bug to the OpenSSL project at:
|
||||
|
||||
openssl-bugs@openssl.org
|
||||
|
||||
Note that mail to openssl-bugs@openssl.org is recorded in the publicly
|
||||
readable request tracker database and is forwarded to a public
|
||||
Note that mail to openssl-bugs@openssl.org is forwarded to a public
|
||||
mailing list. Confidential mail may be sent to openssl-security@openssl.org
|
||||
(PGP key available from the key servers).
|
||||
|
||||
@@ -172,11 +163,6 @@
|
||||
the string "[PATCH]" in the subject. Please be sure to include a
|
||||
textual explanation of what your patch does.
|
||||
|
||||
Note: For legal reasons, contributions from the US can be accepted only
|
||||
if a TSA notification and a copy of the patch is sent to crypt@bis.doc.gov;
|
||||
see http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic]
|
||||
and http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e)).
|
||||
|
||||
The preferred format for changes is "diff -u" output. You might
|
||||
generate it like this:
|
||||
|
||||
|
||||
@@ -1,63 +0,0 @@
|
||||
|
||||
ENGINE
|
||||
======
|
||||
|
||||
With OpenSSL 0.9.6, a new component has been added to support external
|
||||
crypto devices, for example accelerator cards. The component is called
|
||||
ENGINE, and has still a pretty experimental status and almost no
|
||||
documentation. It's designed to be fairly easily extensible by the
|
||||
calling programs.
|
||||
|
||||
There's currently built-in support for the following crypto devices:
|
||||
|
||||
o CryptoSwift
|
||||
o Compaq Atalla
|
||||
o nCipher CHIL
|
||||
|
||||
A number of things are still needed and are being worked on:
|
||||
|
||||
o An openssl utility command to handle or at least check available
|
||||
engines.
|
||||
o A better way of handling the methods that are handled by the
|
||||
engines.
|
||||
o Documentation!
|
||||
|
||||
What already exists is fairly stable as far as it has been tested, but
|
||||
the test base has been a bit small most of the time.
|
||||
|
||||
Because of this experimental status and what's lacking, the ENGINE
|
||||
component is not yet part of the default OpenSSL distribution. However,
|
||||
we have made a separate kit for those who want to try this out, to be
|
||||
found in the same places as the default OpenSSL distribution, but with
|
||||
"-engine-" being part of the kit file name. For example, version 0.9.6
|
||||
is distributed in the following two files:
|
||||
|
||||
openssl-0.9.6.tar.gz
|
||||
openssl-engine-0.9.6.tar.gz
|
||||
|
||||
NOTES
|
||||
=====
|
||||
|
||||
openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do
|
||||
not need to download both.
|
||||
|
||||
openssl-engine-0.9.6.tar.gz is usable even if you don't have an external
|
||||
crypto device. The internal OpenSSL functions are contained in the
|
||||
engine "openssl", and will be used by default.
|
||||
|
||||
No external crypto device is chosen unless you say so. You have actively
|
||||
tell the openssl utility commands to use it through a new command line
|
||||
switch called "-engine". And if you want to use the ENGINE library to
|
||||
do something similar, you must also explicitly choose an external crypto
|
||||
device, or the built-in crypto routines will be used, just as in the
|
||||
default OpenSSL distribution.
|
||||
|
||||
|
||||
PROBLEMS
|
||||
========
|
||||
|
||||
It seems like the ENGINE part doesn't work too well with CryptoSwift on
|
||||
Win32. A quick test done right before the release showed that trying
|
||||
"openssl speed -engine cswift" generated errors. If the DSO gets enabled,
|
||||
an attempt is made to write at memory address 0x00000002.
|
||||
|
||||
61
STATUS
61
STATUS
@@ -1,64 +1,53 @@
|
||||
|
||||
OpenSSL STATUS Last modified at
|
||||
______________ $Date: 2002/08/09 11:49:13 $
|
||||
______________ $Date: 2000/09/11 12:39:43 $
|
||||
|
||||
DEVELOPMENT STATE
|
||||
|
||||
o OpenSSL 0.9.7: Under development...
|
||||
o OpenSSL 0.9.6g: Released on August 9th, 2002
|
||||
o OpenSSL 0.9.6f: Released on August 8th, 2002
|
||||
o OpenSSL 0.9.6e: Released on July 30th, 2002
|
||||
o OpenSSL 0.9.6d: Released on May 9th, 2002
|
||||
o OpenSSL 0.9.6c: Released on December 21st, 2001
|
||||
o OpenSSL 0.9.6b: Released on July 9th, 2001
|
||||
o OpenSSL 0.9.6a: Released on April 5th, 2001
|
||||
o OpenSSL 0.9.6: Released on September 24th, 2000
|
||||
o OpenSSL 0.9.5a: Released on April 1st, 2000
|
||||
o OpenSSL 0.9.5: Released on February 28th, 2000
|
||||
o OpenSSL 0.9.4: Released on August 09th, 1999
|
||||
o OpenSSL 0.9.3a: Released on May 29th, 1999
|
||||
o OpenSSL 0.9.3: Released on May 25th, 1999
|
||||
o OpenSSL 0.9.2b: Released on March 22th, 1999
|
||||
o OpenSSL 0.9.1c: Released on December 23th, 1998
|
||||
o OpenSSL 0.9.6: Under development (in release cycle)...
|
||||
Proposed release date September 24, 2000
|
||||
o OpenSSL 0.9.5a: Released on April 1st, 2000
|
||||
o OpenSSL 0.9.5: Released on February 28th, 2000
|
||||
o OpenSSL 0.9.4: Released on August 09th, 1999
|
||||
o OpenSSL 0.9.3a: Released on May 29th, 1999
|
||||
o OpenSSL 0.9.3: Released on May 25th, 1999
|
||||
o OpenSSL 0.9.2b: Released on March 22th, 1999
|
||||
o OpenSSL 0.9.1c: Released on December 23th, 1998
|
||||
|
||||
RELEASE SHOWSTOPPERS
|
||||
|
||||
AVAILABLE PATCHES
|
||||
|
||||
o
|
||||
o CA.pl patch (Damien Miller)
|
||||
|
||||
IN PROGRESS
|
||||
|
||||
o Steve is currently working on (in no particular order):
|
||||
ASN1 code redesign, butchery, replacement.
|
||||
OCSP
|
||||
EVP cipher enhancement.
|
||||
Enhanced certificate chain verification.
|
||||
Proper (or at least usable) certificate chain verification.
|
||||
Private key, certificate and CRL API and implementation.
|
||||
Developing and bugfixing PKCS#7 (S/MIME code).
|
||||
Various X509 issues: character sets, certificate request extensions.
|
||||
o Geoff and Richard are currently working on:
|
||||
ENGINE (the new code that gives hardware support among others).
|
||||
o Richard is currently working on:
|
||||
UI (User Interface)
|
||||
UTIL (a new set of library functions to support some higher level
|
||||
functionality that is currently missing).
|
||||
Dynamic thread-lock support.
|
||||
Shared library support for VMS.
|
||||
Kerberos 5 authentication
|
||||
Constification
|
||||
OCSP
|
||||
|
||||
NEEDS PATCH
|
||||
|
||||
o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
|
||||
|
||||
o Whenever strncpy is used, make sure the resulting string is NULL-terminated
|
||||
or an error is reported
|
||||
|
||||
o "OpenSSL STATUS" is never up-to-date.
|
||||
o non-blocking socket on AIX
|
||||
o $(PERL) in */Makefile.ssl
|
||||
o "Sign the certificate?" - "n" creates empty certificate file
|
||||
|
||||
OPEN ISSUES
|
||||
|
||||
o internal_verify doesn't know about X509.v3 (basicConstraints
|
||||
CA flag ...)
|
||||
|
||||
o The Makefile hierarchy and build mechanism is still not a round thing:
|
||||
|
||||
1. The config vs. Configure scripts
|
||||
@@ -101,14 +90,4 @@
|
||||
|
||||
WISHES
|
||||
|
||||
o SRP in TLS.
|
||||
[wished by:
|
||||
Dj <derek@yo.net>, Tom Wu <tom@arcot.com>,
|
||||
Tom Holroyd <tomh@po.crl.go.jp>]
|
||||
|
||||
See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
|
||||
as well as http://www-cs-students.stanford.edu/~tjw/srp/.
|
||||
|
||||
Tom Holroyd tells us there is a SRP patch for OpenSSH at
|
||||
http://members.tripod.com/professor_tom/archives/, that could
|
||||
be useful.
|
||||
o
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -177,10 +177,8 @@ long app_RAND_load_files(char *name)
|
||||
if (*n == '\0') break;
|
||||
|
||||
egd=RAND_egd(n);
|
||||
if (egd > 0)
|
||||
tot+=egd;
|
||||
else
|
||||
tot+=RAND_load_file(n,-1);
|
||||
if (egd > 0) tot+=egd;
|
||||
tot+=RAND_load_file(n,-1);
|
||||
if (last) break;
|
||||
}
|
||||
if (tot > 512)
|
||||
|
||||
24
apps/apps.c
24
apps/apps.c
@@ -170,8 +170,6 @@ int str2fmt(char *s)
|
||||
|| (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
|
||||
|| (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
|
||||
return(FORMAT_PKCS12);
|
||||
else if ((*s == 'E') || (*s == 'e'))
|
||||
return(FORMAT_ENGINE);
|
||||
else
|
||||
return(FORMAT_UNDEF);
|
||||
}
|
||||
@@ -230,16 +228,9 @@ void program_name(char *in, char *out, int size)
|
||||
|
||||
q=strrchr(p,'.');
|
||||
if (q == NULL)
|
||||
q = p + strlen(p);
|
||||
strncpy(out,p,size-1);
|
||||
if (q-p >= size)
|
||||
{
|
||||
out[size-1]='\0';
|
||||
}
|
||||
else
|
||||
{
|
||||
out[q-p]='\0';
|
||||
}
|
||||
q = in+size;
|
||||
strncpy(out,p,q-p);
|
||||
out[q-p]='\0';
|
||||
}
|
||||
#else
|
||||
void program_name(char *in, char *out, int size)
|
||||
@@ -669,7 +660,7 @@ STACK_OF(X509) *load_certs(BIO *err, char *file, int format)
|
||||
|
||||
if (format == FORMAT_PEM)
|
||||
{
|
||||
othercerts = sk_X509_new_null();
|
||||
othercerts = sk_X509_new(NULL);
|
||||
if(!othercerts)
|
||||
{
|
||||
sk_X509_free(othercerts);
|
||||
@@ -764,7 +755,7 @@ int set_name_ex(unsigned long *flags, const char *arg)
|
||||
|
||||
void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
|
||||
{
|
||||
char *buf;
|
||||
char buf[256];
|
||||
char mline = 0;
|
||||
int indent = 0;
|
||||
if(title) BIO_puts(out, title);
|
||||
@@ -773,10 +764,9 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
|
||||
indent = 4;
|
||||
}
|
||||
if(lflags == XN_FLAG_COMPAT) {
|
||||
buf = X509_NAME_oneline(nm, 0, 0);
|
||||
BIO_puts(out, buf);
|
||||
X509_NAME_oneline(nm,buf,256);
|
||||
BIO_puts(out,buf);
|
||||
BIO_puts(out, "\n");
|
||||
OPENSSL_free(buf);
|
||||
} else {
|
||||
if(mline) BIO_puts(out, "\n");
|
||||
X509_NAME_print_ex(out, nm, indent, lflags);
|
||||
|
||||
@@ -66,7 +66,6 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/lhash.h>
|
||||
#include <openssl/conf.h>
|
||||
|
||||
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
|
||||
int app_RAND_write_file(const char *file, BIO *bio_e);
|
||||
@@ -100,6 +99,7 @@ extern BIO *bio_err;
|
||||
#else
|
||||
|
||||
#define MAIN(a,v) PROG(a,v)
|
||||
#include <openssl/conf.h>
|
||||
extern LHASH *config;
|
||||
extern char *default_config_file;
|
||||
extern BIO *bio_err;
|
||||
@@ -162,8 +162,6 @@ STACK_OF(X509) *load_certs(BIO *err, char *file, int format);
|
||||
#define FORMAT_NETSCAPE 4
|
||||
#define FORMAT_PKCS12 5
|
||||
#define FORMAT_SMIME 6
|
||||
/* Since this is currently inofficial, let's give it a high number */
|
||||
#define FORMAT_ENGINE 127
|
||||
|
||||
#define NETSCAPE_CERT_HDR "certificate"
|
||||
|
||||
|
||||
@@ -181,7 +181,7 @@ bad:
|
||||
BIO_printf(bio_err,"where options are\n");
|
||||
BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
|
||||
BIO_printf(bio_err," -in arg input file\n");
|
||||
BIO_printf(bio_err," -out arg output file (output format is always DER\n");
|
||||
BIO_printf(bio_err," -out arg output file\n");
|
||||
BIO_printf(bio_err," -noout arg don't produce any output\n");
|
||||
BIO_printf(bio_err," -offset arg offset into file\n");
|
||||
BIO_printf(bio_err," -length arg length of section in file\n");
|
||||
@@ -192,6 +192,7 @@ bad:
|
||||
BIO_printf(bio_err," -strparse offset\n");
|
||||
BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n");
|
||||
BIO_printf(bio_err," ASN1 blob wrappings\n");
|
||||
BIO_printf(bio_err," -out filename output DER encoding to file\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
@@ -205,12 +206,6 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (oidfile != NULL)
|
||||
{
|
||||
@@ -320,7 +315,7 @@ bad:
|
||||
end:
|
||||
BIO_free(derout);
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (b64 != NULL) BIO_free(b64);
|
||||
if (ret != 0)
|
||||
ERR_print_errors(bio_err);
|
||||
|
||||
@@ -1 +1 @@
|
||||
07
|
||||
05
|
||||
|
||||
63
apps/ca.c
63
apps/ca.c
@@ -74,7 +74,6 @@
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#ifndef W_OK
|
||||
# ifdef VMS
|
||||
@@ -83,7 +82,7 @@
|
||||
# else
|
||||
# include <unixlib.h>
|
||||
# endif
|
||||
# elif !defined(VXWORKS)
|
||||
# else
|
||||
# include <sys/file.h>
|
||||
# endif
|
||||
#endif
|
||||
@@ -168,7 +167,6 @@ static char *ca_usage[]={
|
||||
" -revoke file - Revoke a certificate (given in file)\n",
|
||||
" -extensions .. - Extension section (override value in config file)\n",
|
||||
" -crlexts .. - CRL extension section (override value in config file)\n",
|
||||
" -engine e - use engine e, possibly a hardware device.\n",
|
||||
NULL
|
||||
};
|
||||
|
||||
@@ -218,7 +216,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
char *key=NULL,*passargin=NULL;
|
||||
int total=0;
|
||||
int total_done=0;
|
||||
@@ -271,7 +268,6 @@ int MAIN(int argc, char **argv)
|
||||
#define BSIZE 256
|
||||
MS_STATIC char buf[3][BSIZE];
|
||||
char *randfile=NULL;
|
||||
char *engine = NULL;
|
||||
|
||||
#ifdef EFENCE
|
||||
EF_PROTECT_FREE=1;
|
||||
@@ -423,11 +419,6 @@ EF_ALIGNMENT=0;
|
||||
if (--argc < 1) goto bad;
|
||||
crl_ext= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else
|
||||
{
|
||||
bad:
|
||||
@@ -448,24 +439,6 @@ bad:
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto err;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto err;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
/*****************************************************************/
|
||||
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
|
||||
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
|
||||
@@ -717,12 +690,6 @@ bad:
|
||||
if (verbose)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
TXT_DB_write(out,db);
|
||||
BIO_printf(bio_err,"%d entries loaded from the database\n",
|
||||
db->data->num);
|
||||
@@ -757,15 +724,7 @@ bad:
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
Sout = BIO_push(tmpbio, Sout);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
if (req)
|
||||
@@ -1061,7 +1020,7 @@ bad:
|
||||
#endif
|
||||
|
||||
BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
in=NULL;
|
||||
out=NULL;
|
||||
if (rename(serialfile,buf[2]) < 0)
|
||||
@@ -1135,7 +1094,7 @@ bad:
|
||||
}
|
||||
if ((crldays == 0) && (crlhours == 0))
|
||||
{
|
||||
BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
|
||||
BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@@ -1247,11 +1206,7 @@ bad:
|
||||
X509_free(revcert);
|
||||
|
||||
strncpy(buf[0],dbfile,BSIZE-4);
|
||||
#ifndef VMS
|
||||
strcat(buf[0],".new");
|
||||
#else
|
||||
strcat(buf[0],"-new");
|
||||
#endif
|
||||
if (BIO_write_filename(out,buf[0]) <= 0)
|
||||
{
|
||||
perror(dbfile);
|
||||
@@ -1261,11 +1216,7 @@ bad:
|
||||
j=TXT_DB_write(out,db);
|
||||
if (j <= 0) goto err;
|
||||
strncpy(buf[1],dbfile,BSIZE-4);
|
||||
#ifndef VMS
|
||||
strcat(buf[1],".old");
|
||||
#else
|
||||
strcat(buf[1],"-old");
|
||||
#endif
|
||||
if (rename(dbfile,buf[1]) < 0)
|
||||
{
|
||||
BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
|
||||
@@ -1286,9 +1237,9 @@ bad:
|
||||
ret=0;
|
||||
err:
|
||||
BIO_free(hex);
|
||||
BIO_free_all(Cout);
|
||||
BIO_free_all(Sout);
|
||||
BIO_free_all(out);
|
||||
BIO_free(Cout);
|
||||
BIO_free(Sout);
|
||||
BIO_free(out);
|
||||
BIO_free(in);
|
||||
|
||||
sk_X509_pop_free(cert_sk,X509_free);
|
||||
@@ -1403,7 +1354,7 @@ static int save_serial(char *serialfile, BIGNUM *serial)
|
||||
BIO_puts(out,"\n");
|
||||
ret=1;
|
||||
err:
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (ai != NULL) ASN1_INTEGER_free(ai);
|
||||
return(ret);
|
||||
}
|
||||
|
||||
@@ -108,12 +108,6 @@ int MAIN(int argc, char **argv)
|
||||
if (bio_err == NULL)
|
||||
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
|
||||
STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
STDout = BIO_push(tmpbio, STDout);
|
||||
}
|
||||
#endif
|
||||
|
||||
argc--;
|
||||
argv++;
|
||||
@@ -201,7 +195,7 @@ err:
|
||||
end:
|
||||
if (ctx != NULL) SSL_CTX_free(ctx);
|
||||
if (ssl != NULL) SSL_free(ssl);
|
||||
if (STDout != NULL) BIO_free_all(STDout);
|
||||
if (STDout != NULL) BIO_free(STDout);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
|
||||
20
apps/crl.c
20
apps/crl.c
@@ -122,15 +122,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
if (bio_out == NULL)
|
||||
if ((bio_out=BIO_new(BIO_s_file())) != NULL)
|
||||
{
|
||||
BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
bio_out = BIO_push(tmpbio, bio_out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
informat=FORMAT_PEM;
|
||||
outformat=FORMAT_PEM;
|
||||
@@ -322,15 +314,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -356,8 +340,8 @@ bad:
|
||||
if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
|
||||
ret=0;
|
||||
end:
|
||||
BIO_free_all(out);
|
||||
BIO_free_all(bio_out);
|
||||
BIO_free(out);
|
||||
BIO_free(bio_out);
|
||||
bio_out=NULL;
|
||||
X509_CRL_free(x);
|
||||
if(store) {
|
||||
|
||||
@@ -141,7 +141,7 @@ int MAIN(int argc, char **argv)
|
||||
else if (strcmp(*argv,"-certfile") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
if(!certflst) certflst = sk_new_null();
|
||||
if(!certflst) certflst = sk_new(NULL);
|
||||
sk_push(certflst,*(++argv));
|
||||
}
|
||||
else
|
||||
@@ -215,7 +215,7 @@ bad:
|
||||
p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
|
||||
|
||||
if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
|
||||
if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end;
|
||||
if ((crl_stack=sk_X509_CRL_new(NULL)) == NULL) goto end;
|
||||
p7s->crl=crl_stack;
|
||||
if (crl != NULL)
|
||||
{
|
||||
@@ -223,7 +223,7 @@ bad:
|
||||
crl=NULL; /* now part of p7 for OPENSSL_freeing */
|
||||
}
|
||||
|
||||
if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
|
||||
if ((cert_stack=sk_X509_new(NULL)) == NULL) goto end;
|
||||
p7s->cert=cert_stack;
|
||||
|
||||
if(certflst) for(i = 0; i < sk_num(certflst); i++) {
|
||||
@@ -239,15 +239,7 @@ bad:
|
||||
sk_free(certflst);
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -274,7 +266,7 @@ bad:
|
||||
ret=0;
|
||||
end:
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (p7 != NULL) PKCS7_free(p7);
|
||||
if (crl != NULL) X509_CRL_free(crl);
|
||||
|
||||
|
||||
57
apps/dgst.c
57
apps/dgst.c
@@ -66,7 +66,6 @@
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef BUFSIZE
|
||||
#define BUFSIZE 1024*8
|
||||
@@ -74,14 +73,13 @@
|
||||
#undef PROG
|
||||
#define PROG dgst_main
|
||||
|
||||
void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, int siglen);
|
||||
void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, unsigned int siglen);
|
||||
|
||||
int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
unsigned char *buf=NULL;
|
||||
int i,err=0;
|
||||
const EVP_MD *md=NULL,*m;
|
||||
@@ -89,17 +87,16 @@ int MAIN(int argc, char **argv)
|
||||
BIO *bmd=NULL;
|
||||
BIO *out = NULL;
|
||||
const char *name;
|
||||
#define PROG_NAME_SIZE 39
|
||||
char pname[PROG_NAME_SIZE+1];
|
||||
#define PROG_NAME_SIZE 16
|
||||
char pname[PROG_NAME_SIZE];
|
||||
int separator=0;
|
||||
int debug=0;
|
||||
const char *outfile = NULL, *keyfile = NULL;
|
||||
const char *sigfile = NULL, *randfile = NULL;
|
||||
int out_bin = -1, want_pub = 0, do_verify = 0;
|
||||
char out_bin = -1, want_pub = 0, do_verify = 0;
|
||||
EVP_PKEY *sigkey = NULL;
|
||||
unsigned char *sigbuf = NULL;
|
||||
int siglen = 0;
|
||||
char *engine=NULL;
|
||||
unsigned int siglen = 0;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -157,11 +154,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) break;
|
||||
sigfile=*(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) break;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-hex") == 0)
|
||||
out_bin = 0;
|
||||
else if (strcmp(*argv,"-binary") == 0)
|
||||
@@ -198,7 +190,6 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n");
|
||||
BIO_printf(bio_err,"-signature file signature to verify\n");
|
||||
BIO_printf(bio_err,"-binary output in binary form\n");
|
||||
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
|
||||
|
||||
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
|
||||
LN_md5,LN_md5);
|
||||
@@ -218,24 +209,6 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
in=BIO_new(BIO_s_file());
|
||||
bmd=BIO_new(BIO_f_md());
|
||||
if (debug)
|
||||
@@ -263,15 +236,7 @@ int MAIN(int argc, char **argv)
|
||||
if(out_bin)
|
||||
out = BIO_new_file(outfile, "wb");
|
||||
else out = BIO_new_file(outfile, "w");
|
||||
} else {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
|
||||
if(!out) {
|
||||
BIO_printf(bio_err, "Error opening output file %s\n",
|
||||
@@ -358,15 +323,15 @@ end:
|
||||
OPENSSL_free(buf);
|
||||
}
|
||||
if (in != NULL) BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
EVP_PKEY_free(sigkey);
|
||||
if(sigbuf) OPENSSL_free(sigbuf);
|
||||
if (bmd != NULL) BIO_free(bmd);
|
||||
EXIT(err);
|
||||
}
|
||||
|
||||
void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, int siglen)
|
||||
void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, unsigned int siglen)
|
||||
{
|
||||
int len;
|
||||
int i;
|
||||
@@ -380,7 +345,7 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
{
|
||||
EVP_MD_CTX *ctx;
|
||||
BIO_get_md_ctx(bp, &ctx);
|
||||
i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key);
|
||||
i = EVP_VerifyFinal(ctx, sigin, siglen, key);
|
||||
if(i > 0) BIO_printf(out, "Verified OK\n");
|
||||
else if(i == 0) BIO_printf(out, "Verification Failure\n");
|
||||
else
|
||||
|
||||
39
apps/dh.c
39
apps/dh.c
@@ -69,7 +69,6 @@
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG dh_main
|
||||
@@ -88,12 +87,11 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
DH *dh=NULL;
|
||||
int i,badops=0,text=0;
|
||||
BIO *in=NULL,*out=NULL;
|
||||
int informat,outformat,check=0,noout=0,C=0,ret=1;
|
||||
char *infile,*outfile,*prog,*engine;
|
||||
char *infile,*outfile,*prog;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -101,7 +99,6 @@ int MAIN(int argc, char **argv)
|
||||
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||
|
||||
engine=NULL;
|
||||
infile=NULL;
|
||||
outfile=NULL;
|
||||
informat=FORMAT_PEM;
|
||||
@@ -132,11 +129,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
outfile= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-check") == 0)
|
||||
check=1;
|
||||
else if (strcmp(*argv,"-text") == 0)
|
||||
@@ -168,30 +160,11 @@ bad:
|
||||
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
|
||||
BIO_printf(bio_err," -C Output C code\n");
|
||||
BIO_printf(bio_err," -noout no output\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
in=BIO_new(BIO_s_file());
|
||||
out=BIO_new(BIO_s_file());
|
||||
if ((in == NULL) || (out == NULL))
|
||||
@@ -211,15 +184,7 @@ bad:
|
||||
}
|
||||
}
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -344,7 +309,7 @@ bad:
|
||||
ret=0;
|
||||
end:
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (dh != NULL) DH_free(dh);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
@@ -121,7 +121,6 @@
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#ifndef NO_DSA
|
||||
#include <openssl/dsa.h>
|
||||
@@ -149,7 +148,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
DH *dh=NULL;
|
||||
int i,badops=0,text=0;
|
||||
#ifndef NO_DSA
|
||||
@@ -158,7 +156,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO *in=NULL,*out=NULL;
|
||||
int informat,outformat,check=0,noout=0,C=0,ret=1;
|
||||
char *infile,*outfile,*prog;
|
||||
char *inrand=NULL,*engine=NULL;
|
||||
char *inrand=NULL;
|
||||
int num = 0, g = 0;
|
||||
|
||||
apps_startup();
|
||||
@@ -197,11 +195,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
outfile= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-check") == 0)
|
||||
check=1;
|
||||
else if (strcmp(*argv,"-text") == 0)
|
||||
@@ -247,7 +240,6 @@ bad:
|
||||
BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n");
|
||||
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
|
||||
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err," the random number generator\n");
|
||||
@@ -257,24 +249,6 @@ bad:
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if (g && !num)
|
||||
num = DEFBITS;
|
||||
|
||||
@@ -417,15 +391,7 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -530,7 +496,7 @@ bad:
|
||||
ret=0;
|
||||
end:
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (dh != NULL) DH_free(dh);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
39
apps/dsa.c
39
apps/dsa.c
@@ -68,7 +68,6 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG dsa_main
|
||||
@@ -88,7 +87,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int ret=1;
|
||||
DSA *dsa=NULL;
|
||||
int i,badops=0;
|
||||
@@ -96,7 +94,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO *in=NULL,*out=NULL;
|
||||
int informat,outformat,text=0,noout=0;
|
||||
int pubin = 0, pubout = 0;
|
||||
char *infile,*outfile,*prog,*engine;
|
||||
char *infile,*outfile,*prog;
|
||||
char *passargin = NULL, *passargout = NULL;
|
||||
char *passin = NULL, *passout = NULL;
|
||||
int modulus=0;
|
||||
@@ -107,7 +105,6 @@ int MAIN(int argc, char **argv)
|
||||
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
|
||||
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
||||
|
||||
engine=NULL;
|
||||
infile=NULL;
|
||||
outfile=NULL;
|
||||
informat=FORMAT_PEM;
|
||||
@@ -148,11 +145,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
passargout= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-noout") == 0)
|
||||
noout=1;
|
||||
else if (strcmp(*argv,"-text") == 0)
|
||||
@@ -184,7 +176,6 @@ bad:
|
||||
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
|
||||
BIO_printf(bio_err," -out arg output file\n");
|
||||
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
|
||||
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
|
||||
#ifndef NO_IDEA
|
||||
@@ -198,24 +189,6 @@ bad:
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
|
||||
BIO_printf(bio_err, "Error getting passwords\n");
|
||||
goto end;
|
||||
@@ -260,15 +233,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -316,7 +281,7 @@ bad:
|
||||
ret=0;
|
||||
end:
|
||||
if(in != NULL) BIO_free(in);
|
||||
if(out != NULL) BIO_free_all(out);
|
||||
if(out != NULL) BIO_free(out);
|
||||
if(dsa != NULL) DSA_free(dsa);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
|
||||
@@ -176,7 +176,7 @@ bad:
|
||||
BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
|
||||
BIO_printf(bio_err," -in arg input file\n");
|
||||
BIO_printf(bio_err," -out arg output file\n");
|
||||
BIO_printf(bio_err," -text print as text\n");
|
||||
BIO_printf(bio_err," -text print the key in text\n");
|
||||
BIO_printf(bio_err," -C Output C code\n");
|
||||
BIO_printf(bio_err," -noout no output\n");
|
||||
BIO_printf(bio_err," -rand files to use for random number input\n");
|
||||
@@ -205,15 +205,7 @@ bad:
|
||||
}
|
||||
}
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -311,7 +303,7 @@ bad:
|
||||
printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
|
||||
bits_p,bits_p);
|
||||
printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
|
||||
printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
|
||||
printf("\t\treturn(NULL);\n");
|
||||
printf("\treturn(dsa);\n\t}\n");
|
||||
}
|
||||
|
||||
@@ -355,7 +347,7 @@ bad:
|
||||
ret=0;
|
||||
end:
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (dsa != NULL) DSA_free(dsa);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
49
apps/enc.c
49
apps/enc.c
@@ -70,7 +70,6 @@
|
||||
#include <openssl/md5.h>
|
||||
#endif
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
int set_hex(char *in,unsigned char *out,int size);
|
||||
#undef SIZE
|
||||
@@ -85,7 +84,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
static const char magic[]="Salted__";
|
||||
char mbuf[8]; /* should be 1 smaller than magic */
|
||||
char *strbuf=NULL;
|
||||
@@ -101,9 +99,8 @@ int MAIN(int argc, char **argv)
|
||||
const EVP_CIPHER *cipher=NULL,*c;
|
||||
char *inf=NULL,*outf=NULL;
|
||||
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
|
||||
#define PROG_NAME_SIZE 39
|
||||
char pname[PROG_NAME_SIZE+1];
|
||||
char *engine = NULL;
|
||||
#define PROG_NAME_SIZE 16
|
||||
char pname[PROG_NAME_SIZE];
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -144,11 +141,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
passarg= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-d") == 0)
|
||||
enc=0;
|
||||
else if (strcmp(*argv,"-p") == 0)
|
||||
@@ -249,7 +241,6 @@ bad:
|
||||
BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
|
||||
BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
|
||||
BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
|
||||
BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
|
||||
|
||||
BIO_printf(bio_err,"Cipher Types\n");
|
||||
BIO_printf(bio_err,"des : 56 bit key DES encryption\n");
|
||||
@@ -323,24 +314,6 @@ bad:
|
||||
argv++;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if (bufsize != NULL)
|
||||
{
|
||||
unsigned long n;
|
||||
@@ -443,15 +416,7 @@ bad:
|
||||
|
||||
|
||||
if (outf == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outf) <= 0)
|
||||
@@ -542,14 +507,6 @@ bad:
|
||||
BIO_printf(bio_err,"invalid hex iv value\n");
|
||||
goto end;
|
||||
}
|
||||
if ((hiv == NULL) && (str == NULL))
|
||||
{
|
||||
/* No IV was explicitly set and no IV was generated
|
||||
* during EVP_BytesToKey. Hence the IV is undefined,
|
||||
* making correct decryption impossible. */
|
||||
BIO_printf(bio_err, "iv undefined\n");
|
||||
goto end;
|
||||
}
|
||||
if ((hkey != NULL) && !set_hex(hkey,key,24))
|
||||
{
|
||||
BIO_printf(bio_err,"invalid hex key value\n");
|
||||
@@ -627,7 +584,7 @@ end:
|
||||
if (strbuf != NULL) OPENSSL_free(strbuf);
|
||||
if (buff != NULL) OPENSSL_free(buff);
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (benc != NULL) BIO_free(benc);
|
||||
if (b64 != NULL) BIO_free(b64);
|
||||
if(pass) OPENSSL_free(pass);
|
||||
|
||||
@@ -91,18 +91,12 @@ int MAIN(int argc, char **argv)
|
||||
out=BIO_new(BIO_s_file());
|
||||
if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
|
||||
{
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
|
||||
lh_stats_bio((LHASH *)ERR_get_string_table(),out);
|
||||
lh_node_usage_stats_bio((LHASH *)
|
||||
ERR_get_string_table(),out);
|
||||
}
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
argc--;
|
||||
argv++;
|
||||
}
|
||||
|
||||
43
apps/gendh.c
43
apps/gendh.c
@@ -70,7 +70,6 @@
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define DEFBITS 512
|
||||
#undef PROG
|
||||
@@ -82,13 +81,11 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
DH *dh=NULL;
|
||||
int ret=1,num=DEFBITS;
|
||||
int g=2;
|
||||
char *outfile=NULL;
|
||||
char *inrand=NULL;
|
||||
char *engine=NULL;
|
||||
BIO *out=NULL;
|
||||
|
||||
apps_startup();
|
||||
@@ -113,11 +110,6 @@ int MAIN(int argc, char **argv)
|
||||
g=3; */
|
||||
else if (strcmp(*argv,"-5") == 0)
|
||||
g=5;
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-rand") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@@ -133,34 +125,15 @@ int MAIN(int argc, char **argv)
|
||||
bad:
|
||||
BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
|
||||
BIO_printf(bio_err," -out file - output the key to 'file\n");
|
||||
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
|
||||
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
|
||||
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
|
||||
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err," -2 use 2 as the generator value\n");
|
||||
/* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */
|
||||
BIO_printf(bio_err," -5 use 5 as the generator value\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err," the random number generator\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
out=BIO_new(BIO_s_file());
|
||||
if (out == NULL)
|
||||
{
|
||||
@@ -169,15 +142,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -209,7 +174,7 @@ bad:
|
||||
end:
|
||||
if (ret != 0)
|
||||
ERR_print_errors(bio_err);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (dh != NULL) DH_free(dh);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
@@ -68,7 +68,6 @@
|
||||
#include <openssl/dsa.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define DEFBITS 512
|
||||
#undef PROG
|
||||
@@ -78,7 +77,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
DSA *dsa=NULL;
|
||||
int ret=1;
|
||||
char *outfile=NULL;
|
||||
@@ -86,7 +84,6 @@ int MAIN(int argc, char **argv)
|
||||
char *passargout = NULL, *passout = NULL;
|
||||
BIO *out=NULL,*in=NULL;
|
||||
EVP_CIPHER *enc=NULL;
|
||||
char *engine=NULL;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -109,11 +106,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
passargout= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-rand") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@@ -153,7 +145,6 @@ bad:
|
||||
#ifndef NO_IDEA
|
||||
BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
|
||||
#endif
|
||||
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err," the random number generator\n");
|
||||
@@ -162,24 +153,6 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
|
||||
BIO_printf(bio_err, "Error getting password\n");
|
||||
goto end;
|
||||
@@ -205,15 +178,7 @@ bad:
|
||||
if (out == NULL) goto end;
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -244,7 +209,7 @@ end:
|
||||
if (ret != 0)
|
||||
ERR_print_errors(bio_err);
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (dsa != NULL) DSA_free(dsa);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
EXIT(ret);
|
||||
|
||||
@@ -69,7 +69,6 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define DEFBITS 512
|
||||
#undef PROG
|
||||
@@ -81,7 +80,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int ret=1;
|
||||
RSA *rsa=NULL;
|
||||
int i,num=DEFBITS;
|
||||
@@ -90,7 +88,6 @@ int MAIN(int argc, char **argv)
|
||||
unsigned long f4=RSA_F4;
|
||||
char *outfile=NULL;
|
||||
char *passargout = NULL, *passout = NULL;
|
||||
char *engine=NULL;
|
||||
char *inrand=NULL;
|
||||
BIO *out=NULL;
|
||||
|
||||
@@ -119,11 +116,6 @@ int MAIN(int argc, char **argv)
|
||||
f4=3;
|
||||
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
|
||||
f4=RSA_F4;
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-rand") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@@ -162,7 +154,6 @@ bad:
|
||||
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
|
||||
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
|
||||
BIO_printf(bio_err," -3 use 3 for the E value\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err," the random number generator\n");
|
||||
@@ -176,34 +167,8 @@ bad:
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto err;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto err;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -213,8 +178,7 @@ bad:
|
||||
}
|
||||
}
|
||||
|
||||
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
|
||||
&& !RAND_status())
|
||||
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||
}
|
||||
@@ -248,7 +212,7 @@ bad:
|
||||
ret=0;
|
||||
err:
|
||||
if (rsa != NULL) RSA_free(rsa);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
if (ret != 0)
|
||||
ERR_print_errors(bio_err);
|
||||
|
||||
@@ -1133,7 +1133,6 @@ $!
|
||||
$! Save directory information
|
||||
$!
|
||||
$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
|
||||
$ __HERE = F$EDIT(__HERE,"UPCASE")
|
||||
$ __TOP = __HERE - "APPS]"
|
||||
$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
|
||||
$!
|
||||
|
||||
15
apps/nseq.c
15
apps/nseq.c
@@ -119,18 +119,11 @@ int MAIN(int argc, char **argv)
|
||||
"Can't open output file %s\n", outfile);
|
||||
goto end;
|
||||
}
|
||||
} else {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
|
||||
if (toseq) {
|
||||
seq = NETSCAPE_CERT_SEQUENCE_new();
|
||||
seq->certs = sk_X509_new_null();
|
||||
seq->certs = sk_X509_new(NULL);
|
||||
while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
|
||||
sk_X509_push(seq->certs,x509);
|
||||
|
||||
@@ -159,7 +152,7 @@ int MAIN(int argc, char **argv)
|
||||
ret = 0;
|
||||
end:
|
||||
BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
NETSCAPE_CERT_SEQUENCE_free(seq);
|
||||
|
||||
EXIT(ret);
|
||||
|
||||
@@ -88,8 +88,8 @@ BIO *bio_err=NULL;
|
||||
int main(int Argc, char *Argv[])
|
||||
{
|
||||
ARGS arg;
|
||||
#define PROG_NAME_SIZE 39
|
||||
char pname[PROG_NAME_SIZE+1];
|
||||
#define PROG_NAME_SIZE 16
|
||||
char pname[PROG_NAME_SIZE];
|
||||
FUNCTION f,*fp;
|
||||
MS_STATIC char *prompt,buf[1024],config_name[256];
|
||||
int n,i,ret=0;
|
||||
@@ -238,19 +238,13 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
|
||||
else if ((strncmp(argv[0],"no-",3)) == 0)
|
||||
{
|
||||
BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
bio_stdout = BIO_push(tmpbio, bio_stdout);
|
||||
}
|
||||
#endif
|
||||
f.name=argv[0]+3;
|
||||
ret = (lh_retrieve(prog,&f) != NULL);
|
||||
if (!ret)
|
||||
BIO_printf(bio_stdout, "%s\n", argv[0]);
|
||||
else
|
||||
BIO_printf(bio_stdout, "%s\n", argv[0]+3);
|
||||
BIO_free_all(bio_stdout);
|
||||
BIO_free(bio_stdout);
|
||||
goto end;
|
||||
}
|
||||
else if ((strcmp(argv[0],"quit") == 0) ||
|
||||
@@ -275,17 +269,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
|
||||
else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
|
||||
list_type = FUNC_TYPE_CIPHER;
|
||||
bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
bio_stdout = BIO_push(tmpbio, bio_stdout);
|
||||
}
|
||||
#endif
|
||||
|
||||
for (fp=functions; fp->name != NULL; fp++)
|
||||
if (fp->type == list_type)
|
||||
BIO_printf(bio_stdout, "%s\n", fp->name);
|
||||
BIO_free_all(bio_stdout);
|
||||
BIO_free(bio_stdout);
|
||||
ret=0;
|
||||
goto end;
|
||||
}
|
||||
|
||||
@@ -81,12 +81,6 @@ int MAIN(int argc, char **argv)
|
||||
if (out == NULL)
|
||||
goto err;
|
||||
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
|
||||
badopt = 0, opt_done = 0;
|
||||
i = 0;
|
||||
@@ -272,7 +266,6 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
while (!done);
|
||||
}
|
||||
ret = 0;
|
||||
|
||||
err:
|
||||
ERR_print_errors(bio_err);
|
||||
@@ -283,7 +276,7 @@ err:
|
||||
if (in)
|
||||
BIO_free(in);
|
||||
if (out)
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
@@ -316,7 +309,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||
strncat(out_buf, "$", 1);
|
||||
strncat(out_buf, salt, 8);
|
||||
assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
|
||||
salt_out = out_buf + 2 + strlen(magic);
|
||||
salt_out = out_buf + 6;
|
||||
salt_len = strlen(salt_out);
|
||||
assert(salt_len <= 8);
|
||||
|
||||
|
||||
@@ -1 +1 @@
|
||||
07
|
||||
01
|
||||
|
||||
@@ -66,7 +66,6 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define PROG pkcs12_main
|
||||
|
||||
@@ -93,7 +92,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
char *infile=NULL, *outfile=NULL, *keyname = NULL;
|
||||
char *certfile=NULL;
|
||||
BIO *in=NULL, *out = NULL, *inkey = NULL, *certsin = NULL;
|
||||
@@ -120,7 +118,6 @@ int MAIN(int argc, char **argv)
|
||||
char *passin = NULL, *passout = NULL;
|
||||
char *inrand = NULL;
|
||||
char *CApath = NULL, *CAfile = NULL;
|
||||
char *engine=NULL;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -200,7 +197,7 @@ int MAIN(int argc, char **argv)
|
||||
} else if (!strcmp (*args, "-caname")) {
|
||||
if (args[1]) {
|
||||
args++;
|
||||
if (!canames) canames = sk_new_null();
|
||||
if (!canames) canames = sk_new(NULL);
|
||||
sk_push(canames, *args);
|
||||
} else badarg = 1;
|
||||
} else if (!strcmp (*args, "-in")) {
|
||||
@@ -239,11 +236,6 @@ int MAIN(int argc, char **argv)
|
||||
args++;
|
||||
CAfile = *args;
|
||||
} else badarg = 1;
|
||||
} else if (!strcmp(*args,"-engine")) {
|
||||
if (args[1]) {
|
||||
args++;
|
||||
engine = *args;
|
||||
} else badarg = 1;
|
||||
} else badarg = 1;
|
||||
|
||||
} else badarg = 1;
|
||||
@@ -287,27 +279,12 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-password p set import/export password source\n");
|
||||
BIO_printf (bio_err, "-passin p input file pass phrase source\n");
|
||||
BIO_printf (bio_err, "-passout p output file pass phrase source\n");
|
||||
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err, " the random number generator\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL) {
|
||||
if((e = ENGINE_by_id(engine)) == NULL) {
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n", engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if(passarg) {
|
||||
if(export_cert) passargout = passarg;
|
||||
else passargin = passarg;
|
||||
@@ -373,15 +350,8 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_push_info("write files");
|
||||
#endif
|
||||
|
||||
if (!outfile) {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
} else out = BIO_new_file(outfile, "wb");
|
||||
if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
else out = BIO_new_file(outfile, "wb");
|
||||
if (!out) {
|
||||
BIO_printf(bio_err, "Error opening output file %s\n",
|
||||
outfile ? outfile : "<stdout>");
|
||||
@@ -434,7 +404,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_push_info("reading certs from input");
|
||||
#endif
|
||||
|
||||
certs = sk_X509_new_null();
|
||||
certs = sk_X509_new(NULL);
|
||||
|
||||
/* Load in all certs in input file */
|
||||
if(!cert_load(in, certs)) {
|
||||
@@ -466,7 +436,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_push_info("reading certs from certfile");
|
||||
#endif
|
||||
|
||||
bags = sk_PKCS12_SAFEBAG_new_null ();
|
||||
bags = sk_PKCS12_SAFEBAG_new (NULL);
|
||||
|
||||
/* Add any more certificates asked for */
|
||||
if (certsin) {
|
||||
@@ -557,7 +527,7 @@ int MAIN(int argc, char **argv)
|
||||
goto export_end;
|
||||
}
|
||||
|
||||
safes = sk_PKCS7_new_null ();
|
||||
safes = sk_PKCS7_new (NULL);
|
||||
sk_PKCS7_push (safes, authsafe);
|
||||
|
||||
#ifdef CRYPTO_MDEBUG
|
||||
@@ -573,7 +543,7 @@ int MAIN(int argc, char **argv)
|
||||
p8 = NULL;
|
||||
if (name) PKCS12_add_friendlyname (bag, name, -1);
|
||||
PKCS12_add_localkeyid (bag, keyid, keyidlen);
|
||||
bags = sk_PKCS12_SAFEBAG_new_null();
|
||||
bags = sk_PKCS12_SAFEBAG_new(NULL);
|
||||
sk_PKCS12_SAFEBAG_push (bags, bag);
|
||||
|
||||
#ifdef CRYPTO_MDEBUG
|
||||
@@ -687,7 +657,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_remove_all_info();
|
||||
#endif
|
||||
BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
if (canames) sk_free(canames);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
@@ -772,10 +742,7 @@ int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
|
||||
print_attribs (out, bag->attrib, "Bag Attributes");
|
||||
if (!(p8 = M_PKCS12_decrypt_skey (bag, pass, passlen)))
|
||||
return 0;
|
||||
if (!(pkey = EVP_PKCS82PKEY (p8))) {
|
||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||
return 0;
|
||||
}
|
||||
if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
|
||||
print_attribs (out, p8->attributes, "Key Attributes");
|
||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||
PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);
|
||||
@@ -913,14 +880,14 @@ int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
|
||||
break;
|
||||
|
||||
case V_ASN1_OCTET_STRING:
|
||||
hex_prin(out, av->value.octet_string->data,
|
||||
av->value.octet_string->length);
|
||||
hex_prin(out, av->value.bit_string->data,
|
||||
av->value.bit_string->length);
|
||||
BIO_printf(out, "\n");
|
||||
break;
|
||||
|
||||
case V_ASN1_BIT_STRING:
|
||||
hex_prin(out, av->value.bit_string->data,
|
||||
av->value.bit_string->length);
|
||||
hex_prin(out, av->value.octet_string->data,
|
||||
av->value.octet_string->length);
|
||||
BIO_printf(out, "\n");
|
||||
break;
|
||||
|
||||
|
||||
39
apps/pkcs7.c
39
apps/pkcs7.c
@@ -67,7 +67,6 @@
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pkcs7.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG pkcs7_main
|
||||
@@ -83,15 +82,13 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
PKCS7 *p7=NULL;
|
||||
int i,badops=0;
|
||||
BIO *in=NULL,*out=NULL;
|
||||
int informat,outformat;
|
||||
char *infile,*outfile,*prog;
|
||||
int print_certs=0,text=0,noout=0;
|
||||
int ret=1;
|
||||
char *engine=NULL;
|
||||
int ret=0;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -135,11 +132,6 @@ int MAIN(int argc, char **argv)
|
||||
text=1;
|
||||
else if (strcmp(*argv,"-print_certs") == 0)
|
||||
print_certs=1;
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||
@@ -162,30 +154,11 @@ bad:
|
||||
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
|
||||
BIO_printf(bio_err," -text print full details of certificates\n");
|
||||
BIO_printf(bio_err," -noout don't output encoded data\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
EXIT(1);
|
||||
}
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
in=BIO_new(BIO_s_file());
|
||||
out=BIO_new(BIO_s_file());
|
||||
if ((in == NULL) || (out == NULL))
|
||||
@@ -223,15 +196,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -315,6 +280,6 @@ bad:
|
||||
end:
|
||||
if (p7 != NULL) PKCS7_free(p7);
|
||||
if (in != NULL) BIO_free(in);
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
45
apps/pkcs8.c
45
apps/pkcs8.c
@@ -62,7 +62,6 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#include "apps.h"
|
||||
#define PROG pkcs8_main
|
||||
@@ -71,7 +70,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
char **args, *infile = NULL, *outfile = NULL;
|
||||
char *passargin = NULL, *passargout = NULL;
|
||||
BIO *in = NULL, *out = NULL;
|
||||
@@ -87,13 +85,9 @@ int MAIN(int argc, char **argv)
|
||||
EVP_PKEY *pkey;
|
||||
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
|
||||
int badarg = 0;
|
||||
char *engine=NULL;
|
||||
|
||||
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
|
||||
|
||||
informat=FORMAT_PEM;
|
||||
outformat=FORMAT_PEM;
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_algorithms();
|
||||
args = argv + 1;
|
||||
@@ -144,11 +138,6 @@ int MAIN(int argc, char **argv)
|
||||
if (!args[1]) goto bad;
|
||||
passargout= *(++args);
|
||||
}
|
||||
else if (strcmp(*args,"-engine") == 0)
|
||||
{
|
||||
if (!args[1]) goto bad;
|
||||
engine= *(++args);
|
||||
}
|
||||
else if (!strcmp (*args, "-in")) {
|
||||
if (args[1]) {
|
||||
args++;
|
||||
@@ -181,28 +170,9 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n");
|
||||
BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
|
||||
BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
return (1);
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
return (1);
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
return (1);
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
|
||||
BIO_printf(bio_err, "Error getting passwords\n");
|
||||
return (1);
|
||||
@@ -224,15 +194,8 @@ int MAIN(int argc, char **argv)
|
||||
"Can't open output file %s\n", outfile);
|
||||
return (1);
|
||||
}
|
||||
} else {
|
||||
out = BIO_new_fp (stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
} else out = BIO_new_fp (stdout, BIO_NOCLOSE);
|
||||
|
||||
if (topk8) {
|
||||
if(informat == FORMAT_PEM)
|
||||
pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, passin);
|
||||
@@ -290,7 +253,7 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
PKCS8_PRIV_KEY_INFO_free (p8inf);
|
||||
EVP_PKEY_free(pkey);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
return (0);
|
||||
@@ -373,7 +336,7 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
|
||||
EVP_PKEY_free(pkey);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
BIO_free(in);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
|
||||
43
apps/rand.c
43
apps/rand.c
@@ -9,7 +9,6 @@
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG rand_main
|
||||
@@ -24,7 +23,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int i, r, ret = 1;
|
||||
int badopt;
|
||||
char *outfile = NULL;
|
||||
@@ -32,7 +30,6 @@ int MAIN(int argc, char **argv)
|
||||
int base64 = 0;
|
||||
BIO *out = NULL;
|
||||
int num = -1;
|
||||
char *engine=NULL;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -51,13 +48,6 @@ int MAIN(int argc, char **argv)
|
||||
else
|
||||
badopt = 1;
|
||||
}
|
||||
if (strcmp(argv[i], "-engine") == 0)
|
||||
{
|
||||
if ((argv[i+1] != NULL) && (engine == NULL))
|
||||
engine = argv[++i];
|
||||
else
|
||||
badopt = 1;
|
||||
}
|
||||
else if (strcmp(argv[i], "-rand") == 0)
|
||||
{
|
||||
if ((argv[i+1] != NULL) && (inrand == NULL))
|
||||
@@ -94,31 +84,12 @@ int MAIN(int argc, char **argv)
|
||||
{
|
||||
BIO_printf(bio_err, "Usage: rand [options] num\n");
|
||||
BIO_printf(bio_err, "where options are\n");
|
||||
BIO_printf(bio_err, "-out file - write to file\n");
|
||||
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err, "-base64 - encode output\n");
|
||||
BIO_printf(bio_err, "-out file - write to file\n");
|
||||
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err, "-base64 - encode output\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto err;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto err;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
|
||||
if (inrand != NULL)
|
||||
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||
@@ -130,15 +101,7 @@ int MAIN(int argc, char **argv)
|
||||
if (outfile != NULL)
|
||||
r = BIO_write_filename(out, outfile);
|
||||
else
|
||||
{
|
||||
r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
if (r <= 0)
|
||||
goto err;
|
||||
|
||||
|
||||
111
apps/req.c
111
apps/req.c
@@ -73,7 +73,6 @@
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define SECTION "req"
|
||||
|
||||
@@ -141,7 +140,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
#ifndef NO_DSA
|
||||
DSA *dsa_params=NULL;
|
||||
#endif
|
||||
@@ -154,7 +152,6 @@ int MAIN(int argc, char **argv)
|
||||
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
|
||||
int nodes=0,kludge=0,newhdr=0;
|
||||
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
|
||||
char *engine=NULL;
|
||||
char *extensions = NULL;
|
||||
char *req_exts = NULL;
|
||||
EVP_CIPHER *cipher=NULL;
|
||||
@@ -198,11 +195,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
outformat=str2fmt(*(++argv));
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-key") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@@ -291,7 +283,7 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
|
||||
if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
|
||||
dtmp=X509_get_pubkey(xtmp);
|
||||
if (dtmp->type == EVP_PKEY_DSA)
|
||||
dsa_params=DSAparams_dup(dtmp->pkey.dsa);
|
||||
EVP_PKEY_free(dtmp);
|
||||
@@ -383,7 +375,6 @@ bad:
|
||||
BIO_printf(bio_err," -verify verify signature on REQ\n");
|
||||
BIO_printf(bio_err," -modulus RSA modulus\n");
|
||||
BIO_printf(bio_err," -nodes don't encrypt the output key\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err," -key file use the private key contained in file\n");
|
||||
BIO_printf(bio_err," -keyform arg key file format\n");
|
||||
BIO_printf(bio_err," -keyout arg file to send the key to\n");
|
||||
@@ -392,7 +383,8 @@ bad:
|
||||
BIO_printf(bio_err," the random number generator\n");
|
||||
BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
|
||||
BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
|
||||
BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
|
||||
|
||||
BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2)\n");
|
||||
BIO_printf(bio_err," -config file request template file.\n");
|
||||
BIO_printf(bio_err," -new new request.\n");
|
||||
BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n");
|
||||
@@ -530,55 +522,24 @@ bad:
|
||||
if ((in == NULL) || (out == NULL))
|
||||
goto end;
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if (keyfile != NULL)
|
||||
{
|
||||
if (keyform == FORMAT_ENGINE)
|
||||
if (BIO_read_filename(in,keyfile) <= 0)
|
||||
{
|
||||
if (!e)
|
||||
{
|
||||
BIO_printf(bio_err,"no engine specified\n");
|
||||
goto end;
|
||||
}
|
||||
pkey = ENGINE_load_private_key(e, keyfile, NULL);
|
||||
perror(keyfile);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (keyform == FORMAT_ASN1)
|
||||
pkey=d2i_PrivateKey_bio(in,NULL);
|
||||
else if (keyform == FORMAT_PEM)
|
||||
{
|
||||
pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,passin);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_read_filename(in,keyfile) <= 0)
|
||||
{
|
||||
perror(keyfile);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (keyform == FORMAT_ASN1)
|
||||
pkey=d2i_PrivateKey_bio(in,NULL);
|
||||
else if (keyform == FORMAT_PEM)
|
||||
{
|
||||
pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,
|
||||
passin);
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"bad input format specified for X509 request\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"bad input format specified for X509 request\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (pkey == NULL)
|
||||
@@ -648,12 +609,6 @@ bad:
|
||||
{
|
||||
BIO_printf(bio_err,"writing new private key to stdout\n");
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -724,15 +679,16 @@ loop:
|
||||
|
||||
if (newreq || x509)
|
||||
{
|
||||
#ifndef NO_DSA
|
||||
if (pkey->type == EVP_PKEY_DSA)
|
||||
digest=EVP_dss1();
|
||||
#endif
|
||||
|
||||
if (pkey == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"you need to specify a private key\n");
|
||||
goto end;
|
||||
}
|
||||
#ifndef NO_DSA
|
||||
if (pkey->type == EVP_PKEY_DSA)
|
||||
digest=EVP_dss1();
|
||||
#endif
|
||||
if (req == NULL)
|
||||
{
|
||||
req=X509_REQ_new();
|
||||
@@ -758,14 +714,17 @@ loop:
|
||||
|
||||
/* Set version to V3 */
|
||||
if(!X509_set_version(x509ss, 2)) goto end;
|
||||
if (!ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L)) goto end;
|
||||
ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L);
|
||||
|
||||
if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
|
||||
if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
|
||||
if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end;
|
||||
if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
|
||||
X509_set_issuer_name(x509ss,
|
||||
X509_REQ_get_subject_name(req));
|
||||
X509_gmtime_adj(X509_get_notBefore(x509ss),0);
|
||||
X509_gmtime_adj(X509_get_notAfter(x509ss),
|
||||
(long)60*60*24*days);
|
||||
X509_set_subject_name(x509ss,
|
||||
X509_REQ_get_subject_name(req));
|
||||
tmppkey = X509_REQ_get_pubkey(req);
|
||||
if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
|
||||
X509_set_pubkey(x509ss,tmppkey);
|
||||
EVP_PKEY_free(tmppkey);
|
||||
|
||||
/* Set up V3 context struct */
|
||||
@@ -845,15 +804,7 @@ loop:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if ((keyout != NULL) && (strcmp(outfile,keyout) == 0))
|
||||
@@ -939,7 +890,7 @@ end:
|
||||
}
|
||||
if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf);
|
||||
BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
EVP_PKEY_free(pkey);
|
||||
X509_REQ_free(req);
|
||||
X509_free(x509ss);
|
||||
@@ -996,7 +947,7 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs)
|
||||
else i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs);
|
||||
if(!i) goto err;
|
||||
|
||||
if (!X509_REQ_set_pubkey(req,pkey)) goto err;
|
||||
X509_REQ_set_pubkey(req,pkey);
|
||||
|
||||
ret=1;
|
||||
err:
|
||||
|
||||
37
apps/rsa.c
37
apps/rsa.c
@@ -68,7 +68,6 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG rsa_main
|
||||
@@ -91,7 +90,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *eng = NULL;
|
||||
int ret=1;
|
||||
RSA *rsa=NULL;
|
||||
int i,badops=0, sgckey=0;
|
||||
@@ -102,7 +100,6 @@ int MAIN(int argc, char **argv)
|
||||
char *infile,*outfile,*prog;
|
||||
char *passargin = NULL, *passargout = NULL;
|
||||
char *passin = NULL, *passout = NULL;
|
||||
char *engine=NULL;
|
||||
int modulus=0;
|
||||
|
||||
apps_startup();
|
||||
@@ -151,11 +148,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
passargout= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-sgckey") == 0)
|
||||
sgckey=1;
|
||||
else if (strcmp(*argv,"-pubin") == 0)
|
||||
@@ -203,30 +195,11 @@ bad:
|
||||
BIO_printf(bio_err," -check verify key consistency\n");
|
||||
BIO_printf(bio_err," -pubin expect a public key in input file\n");
|
||||
BIO_printf(bio_err," -pubout output a public key\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((eng = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(eng, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(eng);
|
||||
}
|
||||
|
||||
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
|
||||
BIO_printf(bio_err, "Error getting passwords\n");
|
||||
goto end;
|
||||
@@ -305,15 +278,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -412,7 +377,7 @@ bad:
|
||||
ret=0;
|
||||
end:
|
||||
if(in != NULL) BIO_free(in);
|
||||
if(out != NULL) BIO_free_all(out);
|
||||
if(out != NULL) BIO_free(out);
|
||||
if(rsa != NULL) RSA_free(rsa);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
if(passout) OPENSSL_free(passout);
|
||||
|
||||
@@ -55,14 +55,10 @@
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef NO_RSA
|
||||
|
||||
#include "apps.h"
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define RSA_SIGN 1
|
||||
#define RSA_VERIFY 2
|
||||
@@ -83,7 +79,6 @@ int MAIN(int argc, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
BIO *in = NULL, *out = NULL;
|
||||
char *infile = NULL, *outfile = NULL;
|
||||
char *keyfile = NULL;
|
||||
@@ -97,7 +92,6 @@ int MAIN(int argc, char **argv)
|
||||
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
|
||||
int rsa_inlen, rsa_outlen = 0;
|
||||
int keysize;
|
||||
char *engine=NULL;
|
||||
|
||||
int ret = 1;
|
||||
|
||||
@@ -120,9 +114,6 @@ int MAIN(int argc, char **argv)
|
||||
} else if(!strcmp(*argv, "-inkey")) {
|
||||
if (--argc < 1) badarg = 1;
|
||||
keyfile = *(++argv);
|
||||
} else if(!strcmp(*argv, "-engine")) {
|
||||
if (--argc < 1) badarg = 1;
|
||||
engine = *(++argv);
|
||||
} else if(!strcmp(*argv, "-pubin")) {
|
||||
key_type = KEY_PUBKEY;
|
||||
} else if(!strcmp(*argv, "-certin")) {
|
||||
@@ -157,24 +148,6 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
/* FIXME: seed PRNG only if needed */
|
||||
app_RAND_load_file(NULL, bio_err, 0);
|
||||
|
||||
@@ -225,15 +198,7 @@ int MAIN(int argc, char **argv)
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
} else {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
|
||||
keysize = RSA_size(rsa);
|
||||
|
||||
@@ -290,7 +255,7 @@ int MAIN(int argc, char **argv)
|
||||
end:
|
||||
RSA_free(rsa);
|
||||
BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
if(rsa_in) OPENSSL_free(rsa_in);
|
||||
if(rsa_out) OPENSSL_free(rsa_out);
|
||||
return ret;
|
||||
@@ -304,7 +269,6 @@ static void usage()
|
||||
BIO_printf(bio_err, "-inkey file input key\n");
|
||||
BIO_printf(bio_err, "-pubin input is an RSA public\n");
|
||||
BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
|
||||
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
|
||||
BIO_printf(bio_err, "-raw use no padding\n");
|
||||
BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n");
|
||||
@@ -316,4 +280,3 @@ static void usage()
|
||||
BIO_printf(bio_err, "-hexdump hex dump output\n");
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
@@ -79,8 +79,6 @@ typedef unsigned int u_int;
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/engine.h>
|
||||
#include "s_apps.h"
|
||||
|
||||
#ifdef WINDOWS
|
||||
@@ -154,8 +152,7 @@ static void sc_usage(void)
|
||||
BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
|
||||
BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n");
|
||||
BIO_printf(bio_err," command to see what is available\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
|
||||
|
||||
}
|
||||
|
||||
int MAIN(int, char **);
|
||||
@@ -182,9 +179,6 @@ int MAIN(int argc, char **argv)
|
||||
int prexit = 0;
|
||||
SSL_METHOD *meth=NULL;
|
||||
BIO *sbio;
|
||||
char *inrand=NULL;
|
||||
char *engine_id=NULL;
|
||||
ENGINE *e=NULL;
|
||||
#ifdef WINDOWS
|
||||
struct timeval tv;
|
||||
#endif
|
||||
@@ -322,16 +316,6 @@ int MAIN(int argc, char **argv)
|
||||
else if (strcmp(*argv,"-nbio") == 0)
|
||||
{ c_nbio=1; }
|
||||
#endif
|
||||
else if (strcmp(*argv,"-rand") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
inrand= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine_id = *(++argv);
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||
@@ -348,14 +332,7 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
|
||||
&& !RAND_status())
|
||||
{
|
||||
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||
}
|
||||
if (inrand != NULL)
|
||||
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||
app_RAND_load_files(inrand));
|
||||
app_RAND_load_file(NULL, bio_err, 0);
|
||||
|
||||
if (bio_c_out == NULL)
|
||||
{
|
||||
@@ -372,30 +349,6 @@ bad:
|
||||
|
||||
OpenSSL_add_ssl_algorithms();
|
||||
SSL_load_error_strings();
|
||||
|
||||
if (engine_id != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine_id)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
if (c_debug)
|
||||
{
|
||||
ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
|
||||
0, bio_err, 0);
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine_id);
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
ctx=SSL_CTX_new(meth);
|
||||
if (ctx == NULL)
|
||||
{
|
||||
@@ -928,7 +881,5 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
BIO_printf(bio,"---\n");
|
||||
if (peer != NULL)
|
||||
X509_free(peer);
|
||||
/* flush, or debugging output gets mixed with http response */
|
||||
BIO_flush(bio);
|
||||
}
|
||||
|
||||
|
||||
@@ -83,8 +83,6 @@ typedef unsigned int u_int;
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/engine.h>
|
||||
#include "s_apps.h"
|
||||
|
||||
#ifdef WINDOWS
|
||||
@@ -178,7 +176,6 @@ static int s_debug=0;
|
||||
static int s_quiet=0;
|
||||
|
||||
static int hack=0;
|
||||
static char *engine_id=NULL;
|
||||
|
||||
#ifdef MONOLITH
|
||||
static void s_server_init(void)
|
||||
@@ -201,7 +198,6 @@ static void s_server_init(void)
|
||||
s_debug=0;
|
||||
s_quiet=0;
|
||||
hack=0;
|
||||
engine_id=NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -246,8 +242,6 @@ static void sv_usage(void)
|
||||
BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n");
|
||||
BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
|
||||
BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
|
||||
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
|
||||
}
|
||||
|
||||
static int local_argc=0;
|
||||
@@ -417,9 +411,6 @@ int MAIN(int argc, char *argv[])
|
||||
int no_tmp_rsa=0,no_dhe=0,nocert=0;
|
||||
int state=0;
|
||||
SSL_METHOD *meth=NULL;
|
||||
char *inrand=NULL;
|
||||
char *engine=NULL;
|
||||
ENGINE *e=NULL;
|
||||
#ifndef NO_DH
|
||||
DH *dh=NULL;
|
||||
#endif
|
||||
@@ -574,16 +565,6 @@ int MAIN(int argc, char *argv[])
|
||||
else if (strcmp(*argv,"-tls1") == 0)
|
||||
{ meth=TLSv1_server_method(); }
|
||||
#endif
|
||||
else if (strcmp(*argv,"-rand") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
inrand= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine = *(++argv);
|
||||
}
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||
@@ -600,14 +581,7 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
|
||||
&& !RAND_status())
|
||||
{
|
||||
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
|
||||
}
|
||||
if (inrand != NULL)
|
||||
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
|
||||
app_RAND_load_files(inrand));
|
||||
app_RAND_load_file(NULL, bio_err, 0);
|
||||
|
||||
if (bio_s_out == NULL)
|
||||
{
|
||||
@@ -635,29 +609,6 @@ bad:
|
||||
SSL_load_error_strings();
|
||||
OpenSSL_add_ssl_algorithms();
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
if (s_debug)
|
||||
{
|
||||
ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
|
||||
0, bio_err, 0);
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
ctx=SSL_CTX_new(meth);
|
||||
if (ctx == NULL)
|
||||
{
|
||||
@@ -725,8 +676,7 @@ bad:
|
||||
|
||||
#ifndef NO_RSA
|
||||
#if 1
|
||||
if (!no_tmp_rsa)
|
||||
SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
|
||||
SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
|
||||
#else
|
||||
if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
|
||||
{
|
||||
@@ -1386,29 +1336,15 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
||||
|
||||
/* skip the '/' */
|
||||
p= &(buf[5]);
|
||||
|
||||
dot = 1;
|
||||
dot=0;
|
||||
for (e=p; *e != '\0'; e++)
|
||||
{
|
||||
if (e[0] == ' ')
|
||||
break;
|
||||
|
||||
switch (dot)
|
||||
{
|
||||
case 1:
|
||||
dot = (e[0] == '.') ? 2 : 0;
|
||||
break;
|
||||
case 2:
|
||||
dot = (e[0] == '.') ? 3 : 0;
|
||||
break;
|
||||
case 3:
|
||||
dot = (e[0] == '/') ? -1 : 0;
|
||||
break;
|
||||
}
|
||||
if (dot == 0)
|
||||
dot = (e[0] == '/') ? 1 : 0;
|
||||
if (e[0] == ' ') break;
|
||||
if ( (e[0] == '.') &&
|
||||
(strncmp(&(e[-1]),"/../",4) == 0))
|
||||
dot=1;
|
||||
}
|
||||
dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
|
||||
|
||||
|
||||
if (*e == '\0')
|
||||
{
|
||||
@@ -1432,11 +1368,9 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
||||
break;
|
||||
}
|
||||
|
||||
#if 0
|
||||
/* append if a directory lookup */
|
||||
if (e[-1] == '/')
|
||||
strcat(p,"index.html");
|
||||
#endif
|
||||
|
||||
/* if a directory, do the index thang */
|
||||
if (stat(p,&st_buf) < 0)
|
||||
@@ -1448,13 +1382,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
|
||||
}
|
||||
if (S_ISDIR(st_buf.st_mode))
|
||||
{
|
||||
#if 0 /* must check buffer size */
|
||||
strcat(p,"/index.html");
|
||||
#else
|
||||
BIO_puts(io,text);
|
||||
BIO_printf(io,"'%s' is a directory\r\n",p);
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
|
||||
if ((file=BIO_new_file(p,"r")) == NULL)
|
||||
|
||||
@@ -209,11 +209,9 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port)
|
||||
s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
||||
|
||||
#ifndef MPE
|
||||
i=0;
|
||||
i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
||||
if (i < 0) { perror("keepalive"); return(0); }
|
||||
#endif
|
||||
|
||||
if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
|
||||
{ close(s); perror("connect"); return(0); }
|
||||
|
||||
@@ -82,7 +82,7 @@
|
||||
#include "wintext.h"
|
||||
#endif
|
||||
|
||||
#if !defined(MSDOS) && !defined(VXWORKS) && (!defined(VMS) || defined(__DECC)) || defined (_DARWIN)
|
||||
#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
|
||||
#define TIMES
|
||||
#endif
|
||||
|
||||
@@ -102,7 +102,7 @@
|
||||
#undef TIMES
|
||||
#endif
|
||||
|
||||
#if !defined(TIMES) && !defined(VXWORKS)
|
||||
#ifndef TIMES
|
||||
#include <sys/timeb.h>
|
||||
#endif
|
||||
|
||||
@@ -139,8 +139,6 @@
|
||||
#undef BUFSIZZ
|
||||
#define BUFSIZZ 1024*10
|
||||
|
||||
#undef min
|
||||
#undef max
|
||||
#define min(a,b) (((a) < (b)) ? (a) : (b))
|
||||
#define max(a,b) (((a) > (b)) ? (a) : (b))
|
||||
|
||||
@@ -370,22 +368,6 @@ static double tm_Time_F(int s)
|
||||
ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
|
||||
return((ret == 0.0)?1e-6:ret);
|
||||
}
|
||||
#elif defined(VXWORKS)
|
||||
{
|
||||
static unsigned long tick_start, tick_end;
|
||||
|
||||
if( s == START )
|
||||
{
|
||||
tick_start = tickGet();
|
||||
return 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
tick_end = tickGet();
|
||||
ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
|
||||
return((ret == 0.0)?1e-6:ret);
|
||||
}
|
||||
}
|
||||
#else /* !times() */
|
||||
static struct timeb tstart,tend;
|
||||
long i;
|
||||
|
||||
@@ -1,17 +1,17 @@
|
||||
issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
|
||||
subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
|
||||
subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||
MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
|
||||
BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
|
||||
VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
|
||||
MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
|
||||
VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
|
||||
MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
|
||||
A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
|
||||
cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
|
||||
Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
|
||||
Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
|
||||
GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
|
||||
k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
|
||||
itAE+OjGF+PFKbwX8Q==
|
||||
Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
|
||||
JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
|
||||
IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
|
||||
FUGcPZf9ND22Etc+AQ==
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
|
||||
|
||||
@@ -206,15 +206,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -270,7 +262,7 @@ bad:
|
||||
}
|
||||
ret=0;
|
||||
end:
|
||||
if (out != NULL) BIO_free_all(out);
|
||||
if (out != NULL) BIO_free(out);
|
||||
if (x != NULL) SSL_SESSION_free(x);
|
||||
EXIT(ret);
|
||||
}
|
||||
|
||||
51
apps/smime.c
51
apps/smime.c
@@ -64,7 +64,6 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG smime_main
|
||||
@@ -82,7 +81,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int operation = 0;
|
||||
int ret = 0;
|
||||
char **args;
|
||||
@@ -105,9 +103,8 @@ int MAIN(int argc, char **argv)
|
||||
char *inrand = NULL;
|
||||
int need_rand = 0;
|
||||
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
|
||||
char *engine=NULL;
|
||||
|
||||
args = argv + 1;
|
||||
|
||||
ret = 1;
|
||||
|
||||
while (!badarg && *args && *args[0] == '-') {
|
||||
@@ -156,11 +153,6 @@ int MAIN(int argc, char **argv)
|
||||
inrand = *args;
|
||||
} else badarg = 1;
|
||||
need_rand = 1;
|
||||
} else if (!strcmp(*args,"-engine")) {
|
||||
if (args[1]) {
|
||||
args++;
|
||||
engine = *args;
|
||||
} else badarg = 1;
|
||||
} else if (!strcmp(*args,"-passin")) {
|
||||
if (args[1]) {
|
||||
args++;
|
||||
@@ -298,8 +290,6 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
|
||||
BIO_printf (bio_err, "-passin arg input file pass phrase source\n");
|
||||
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
|
||||
BIO_printf(bio_err, " the random number generator\n");
|
||||
@@ -307,24 +297,6 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
|
||||
BIO_printf(bio_err, "Error getting password\n");
|
||||
goto end;
|
||||
@@ -421,15 +393,7 @@ int MAIN(int argc, char **argv)
|
||||
"Can't open output file %s\n", outfile);
|
||||
goto end;
|
||||
}
|
||||
} else {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
|
||||
if(operation == SMIME_VERIFY) {
|
||||
if(!(store = setup_verify(CAfile, CApath))) goto end;
|
||||
@@ -441,10 +405,7 @@ int MAIN(int argc, char **argv)
|
||||
p7 = PKCS7_encrypt(encerts, in, cipher, flags);
|
||||
} else if(operation == SMIME_SIGN) {
|
||||
p7 = PKCS7_sign(signer, key, other, in, flags);
|
||||
if (BIO_reset(in) != 0 && (flags & PKCS7_DETACHED)) {
|
||||
BIO_printf(bio_err, "Can't rewind input file\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_reset(in);
|
||||
} else {
|
||||
if(informat == FORMAT_SMIME)
|
||||
p7 = SMIME_read_PKCS7(in, &indata);
|
||||
@@ -484,9 +445,9 @@ int MAIN(int argc, char **argv)
|
||||
} else if(operation == SMIME_VERIFY) {
|
||||
STACK_OF(X509) *signers;
|
||||
if(PKCS7_verify(p7, other, store, indata, out, flags)) {
|
||||
BIO_printf(bio_err, "Verification successful\n");
|
||||
BIO_printf(bio_err, "Verification Successful\n");
|
||||
} else {
|
||||
BIO_printf(bio_err, "Verification failure\n");
|
||||
BIO_printf(bio_err, "Verification Failure\n");
|
||||
goto end;
|
||||
}
|
||||
signers = PKCS7_get0_signers(p7, other, flags);
|
||||
@@ -529,7 +490,7 @@ end:
|
||||
PKCS7_free(p7);
|
||||
BIO_free(in);
|
||||
BIO_free(indata);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
return (ret);
|
||||
}
|
||||
|
||||
253
apps/speed.c
253
apps/speed.c
@@ -81,14 +81,13 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(_DARWIN)
|
||||
#if defined(__FreeBSD__)
|
||||
# define USE_TOD
|
||||
#elif !defined(MSDOS) && !defined(VXWORKS) && (!defined(VMS) || defined(__DECC))
|
||||
#elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
|
||||
# define TIMES
|
||||
#endif
|
||||
#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) && !defined(__NetBSD__) && !defined(_DARWIN) && !defined(VXWORKS)
|
||||
#if !defined(_UNICOS)
|
||||
# define TIMEB
|
||||
#endif
|
||||
|
||||
@@ -116,7 +115,7 @@
|
||||
#include <sys/timeb.h>
|
||||
#endif
|
||||
|
||||
#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(VXWORKS)
|
||||
#if !defined(TIMES) && !defined(TIMEB)
|
||||
#error "It seems neither struct tms nor struct timeb is supported in this platform!"
|
||||
#endif
|
||||
|
||||
@@ -225,7 +224,7 @@ static double Time_F(int s, int usertime)
|
||||
|
||||
#ifdef USE_TOD
|
||||
if(usertime)
|
||||
{
|
||||
{
|
||||
static struct rusage tstart,tend;
|
||||
|
||||
if (s == START)
|
||||
@@ -285,23 +284,7 @@ static double Time_F(int s, int usertime)
|
||||
# if defined(TIMES) && defined(TIMEB)
|
||||
else
|
||||
# endif
|
||||
# ifdef VXWORKS
|
||||
{
|
||||
static unsigned long tick_start, tick_end;
|
||||
|
||||
if( s == START )
|
||||
{
|
||||
tick_start = tickGet();
|
||||
return 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
tick_end = tickGet();
|
||||
ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
|
||||
return((ret < 0.001)?0.001:ret);
|
||||
}
|
||||
}
|
||||
# elif defined(TIMEB)
|
||||
# ifdef TIMEB
|
||||
{
|
||||
static struct timeb tstart,tend;
|
||||
long i;
|
||||
@@ -320,7 +303,6 @@ static double Time_F(int s, int usertime)
|
||||
}
|
||||
}
|
||||
# endif
|
||||
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -328,7 +310,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e;
|
||||
unsigned char *buf=NULL,*buf2=NULL;
|
||||
int mret=1;
|
||||
#define ALGOR_NUM 15
|
||||
@@ -337,9 +318,7 @@ int MAIN(int argc, char **argv)
|
||||
#define DSA_NUM 3
|
||||
long count,rsa_count;
|
||||
int i,j,k;
|
||||
#ifndef NO_RSA
|
||||
unsigned rsa_num;
|
||||
#endif
|
||||
unsigned rsa_num,rsa_num2;
|
||||
#ifndef NO_MD2
|
||||
unsigned char md2[MD2_DIGEST_LENGTH];
|
||||
#endif
|
||||
@@ -491,37 +470,6 @@ int MAIN(int argc, char **argv)
|
||||
{
|
||||
if ((argc > 0) && (strcmp(*argv,"-elapsed") == 0))
|
||||
usertime = 0;
|
||||
else
|
||||
if ((argc > 0) && (strcmp(*argv,"-engine") == 0))
|
||||
{
|
||||
argc--;
|
||||
argv++;
|
||||
if(argc == 0)
|
||||
{
|
||||
BIO_printf(bio_err,"no engine given\n");
|
||||
goto end;
|
||||
}
|
||||
if((e = ENGINE_by_id(*argv)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
*argv);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", *argv);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
/* It will be increased again further down. We just
|
||||
don't want speed to confuse an engine with an
|
||||
algorithm, especially when none is given (which
|
||||
means all of them should be run) */
|
||||
j--;
|
||||
}
|
||||
else
|
||||
#ifndef NO_MD2
|
||||
if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
|
||||
else
|
||||
@@ -569,7 +517,7 @@ int MAIN(int argc, char **argv)
|
||||
#ifdef RSAref
|
||||
if (strcmp(*argv,"rsaref") == 0)
|
||||
{
|
||||
RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
|
||||
RSA_set_default_method(RSA_PKCS1_RSAref());
|
||||
j--;
|
||||
}
|
||||
else
|
||||
@@ -577,7 +525,7 @@ int MAIN(int argc, char **argv)
|
||||
#ifndef RSA_NULL
|
||||
if (strcmp(*argv,"openssl") == 0)
|
||||
{
|
||||
RSA_set_default_openssl_method(RSA_PKCS1_SSLeay());
|
||||
RSA_set_default_method(RSA_PKCS1_SSLeay());
|
||||
j--;
|
||||
}
|
||||
else
|
||||
@@ -722,12 +670,11 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(bio_err,"\n");
|
||||
#endif
|
||||
|
||||
#ifdef TIMES
|
||||
BIO_printf(bio_err,"\n");
|
||||
BIO_printf(bio_err,"Available options:\n");
|
||||
#ifdef TIMES
|
||||
BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n");
|
||||
#endif
|
||||
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
|
||||
goto end;
|
||||
}
|
||||
argc--;
|
||||
@@ -884,7 +831,6 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef NO_DSA
|
||||
dsa_c[R_DSA_512][0]=count/1000;
|
||||
dsa_c[R_DSA_512][1]=count/1000/2;
|
||||
for (i=1; i<DSA_NUM; i++)
|
||||
@@ -902,7 +848,6 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#define COND(d) (count < (d))
|
||||
#define COUNT(d) (d)
|
||||
@@ -1188,73 +1133,49 @@ int MAIN(int argc, char **argv)
|
||||
int ret;
|
||||
if (!rsa_doit[j]) continue;
|
||||
ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, rsa_key[j]);
|
||||
if (ret == 0)
|
||||
pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
|
||||
RSA_SECONDS);
|
||||
/* RSA_blinding_on(rsa_key[j],NULL); */
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(rsa_c[j][0]); count++)
|
||||
{
|
||||
BIO_printf(bio_err,"RSA sign failure. No RSA sign will be done.\n");
|
||||
ERR_print_errors(bio_err);
|
||||
rsa_count=1;
|
||||
}
|
||||
else
|
||||
{
|
||||
pkey_print_message("private","rsa",
|
||||
rsa_c[j][0],rsa_bits[j],
|
||||
RSA_SECONDS);
|
||||
/* RSA_blinding_on(rsa_key[j],NULL); */
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(rsa_c[j][0]); count++)
|
||||
ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num,
|
||||
rsa_key[j]);
|
||||
if (ret <= 0)
|
||||
{
|
||||
ret=RSA_sign(NID_md5_sha1, buf,36, buf2,
|
||||
&rsa_num, rsa_key[j]);
|
||||
if (ret == 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"RSA sign failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
BIO_printf(bio_err,"RSA private encrypt failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,
|
||||
"%ld %d bit private RSA's in %.2fs\n",
|
||||
count,rsa_bits[j],d);
|
||||
rsa_results[j][0]=d/(double)count;
|
||||
rsa_count=count;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,"%ld %d bit private RSA's in %.2fs\n",
|
||||
count,rsa_bits[j],d);
|
||||
rsa_results[j][0]=d/(double)count;
|
||||
rsa_count=count;
|
||||
|
||||
#if 1
|
||||
ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]);
|
||||
if (ret <= 0)
|
||||
pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
|
||||
RSA_SECONDS);
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(rsa_c[j][1]); count++)
|
||||
{
|
||||
BIO_printf(bio_err,"RSA verify failure. No RSA verify will be done.\n");
|
||||
ERR_print_errors(bio_err);
|
||||
rsa_doit[j] = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
pkey_print_message("public","rsa",
|
||||
rsa_c[j][1],rsa_bits[j],
|
||||
RSA_SECONDS);
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(rsa_c[j][1]); count++)
|
||||
ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num,
|
||||
rsa_key[j]);
|
||||
if (ret <= 0)
|
||||
{
|
||||
ret=RSA_verify(NID_md5_sha1, buf,36, buf2,
|
||||
rsa_num, rsa_key[j]);
|
||||
if (ret == 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"RSA verify failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
BIO_printf(bio_err,"RSA verify failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,
|
||||
"%ld %d bit public RSA's in %.2fs\n",
|
||||
count,rsa_bits[j],d);
|
||||
rsa_results[j][1]=d/(double)count;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n",
|
||||
count,rsa_bits[j],d);
|
||||
rsa_results[j][1]=d/(double)count;
|
||||
#endif
|
||||
|
||||
if (rsa_count <= 1)
|
||||
@@ -1276,77 +1197,54 @@ int MAIN(int argc, char **argv)
|
||||
for (j=0; j<DSA_NUM; j++)
|
||||
{
|
||||
unsigned int kk;
|
||||
int ret;
|
||||
|
||||
if (!dsa_doit[j]) continue;
|
||||
DSA_generate_key(dsa_key[j]);
|
||||
/* DSA_sign_setup(dsa_key[j],NULL); */
|
||||
ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
|
||||
rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
|
||||
&kk,dsa_key[j]);
|
||||
if (ret == 0)
|
||||
pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
|
||||
DSA_SECONDS);
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(dsa_c[j][0]); count++)
|
||||
{
|
||||
BIO_printf(bio_err,"DSA sign failure. No DSA sign will be done.\n");
|
||||
ERR_print_errors(bio_err);
|
||||
rsa_count=1;
|
||||
}
|
||||
else
|
||||
{
|
||||
pkey_print_message("sign","dsa",
|
||||
dsa_c[j][0],dsa_bits[j],
|
||||
DSA_SECONDS);
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(dsa_c[j][0]); count++)
|
||||
rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
|
||||
&kk,dsa_key[j]);
|
||||
if (rsa_num == 0)
|
||||
{
|
||||
ret=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
|
||||
&kk,dsa_key[j]);
|
||||
if (ret == 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"DSA sign failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
BIO_printf(bio_err,"DSA sign failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n",
|
||||
count,dsa_bits[j],d);
|
||||
dsa_results[j][0]=d/(double)count;
|
||||
rsa_count=count;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n",
|
||||
count,dsa_bits[j],d);
|
||||
dsa_results[j][0]=d/(double)count;
|
||||
rsa_count=count;
|
||||
|
||||
ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
|
||||
rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
|
||||
kk,dsa_key[j]);
|
||||
if (ret <= 0)
|
||||
pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
|
||||
DSA_SECONDS);
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(dsa_c[j][1]); count++)
|
||||
{
|
||||
BIO_printf(bio_err,"DSA verify failure. No DSA verify will be done.\n");
|
||||
ERR_print_errors(bio_err);
|
||||
dsa_doit[j] = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
pkey_print_message("verify","dsa",
|
||||
dsa_c[j][1],dsa_bits[j],
|
||||
DSA_SECONDS);
|
||||
Time_F(START,usertime);
|
||||
for (count=0,run=1; COND(dsa_c[j][1]); count++)
|
||||
rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
|
||||
kk,dsa_key[j]);
|
||||
if (rsa_num2 == 0)
|
||||
{
|
||||
ret=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
|
||||
kk,dsa_key[j]);
|
||||
if (ret <= 0)
|
||||
{
|
||||
BIO_printf(bio_err,
|
||||
"DSA verify failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
BIO_printf(bio_err,"DSA verify failure\n");
|
||||
ERR_print_errors(bio_err);
|
||||
count=1;
|
||||
break;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n",
|
||||
count,dsa_bits[j],d);
|
||||
dsa_results[j][1]=d/(double)count;
|
||||
}
|
||||
d=Time_F(STOP,usertime);
|
||||
BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n",
|
||||
count,dsa_bits[j],d);
|
||||
dsa_results[j][1]=d/(double)count;
|
||||
|
||||
if (rsa_count <= 1)
|
||||
{
|
||||
@@ -1434,7 +1332,6 @@ int MAIN(int argc, char **argv)
|
||||
#endif
|
||||
mret=0;
|
||||
end:
|
||||
ERR_print_errors(bio_err);
|
||||
if (buf != NULL) OPENSSL_free(buf);
|
||||
if (buf2 != NULL) OPENSSL_free(buf2);
|
||||
#ifndef NO_RSA
|
||||
|
||||
49
apps/spkac.c
49
apps/spkac.c
@@ -69,7 +69,6 @@
|
||||
#include <openssl/lhash.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG spkac_main
|
||||
@@ -82,7 +81,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int i,badops=0, ret = 1;
|
||||
BIO *in = NULL,*out = NULL, *key = NULL;
|
||||
int verify=0,noout=0,pubkey=0;
|
||||
@@ -93,7 +91,6 @@ int MAIN(int argc, char **argv)
|
||||
LHASH *conf = NULL;
|
||||
NETSCAPE_SPKI *spki = NULL;
|
||||
EVP_PKEY *pkey = NULL;
|
||||
char *engine=NULL;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -139,11 +136,6 @@ int MAIN(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
spksect= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-noout") == 0)
|
||||
noout=1;
|
||||
else if (strcmp(*argv,"-pubkey") == 0)
|
||||
@@ -169,7 +161,6 @@ bad:
|
||||
BIO_printf(bio_err," -noout don't print SPKAC\n");
|
||||
BIO_printf(bio_err," -pubkey output public key\n");
|
||||
BIO_printf(bio_err," -verify verify SPKAC signature\n");
|
||||
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
|
||||
goto end;
|
||||
}
|
||||
|
||||
@@ -179,24 +170,6 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if(keyfile) {
|
||||
if(strcmp(keyfile, "-")) key = BIO_new_file(keyfile, "r");
|
||||
else key = BIO_new_fp(stdin, BIO_NOCLOSE);
|
||||
@@ -219,15 +192,7 @@ bad:
|
||||
spkstr = NETSCAPE_SPKI_b64_encode(spki);
|
||||
|
||||
if (outfile) out = BIO_new_file(outfile, "w");
|
||||
else {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
|
||||
if(!out) {
|
||||
BIO_printf(bio_err, "Error opening output file\n");
|
||||
@@ -276,15 +241,7 @@ bad:
|
||||
}
|
||||
|
||||
if (outfile) out = BIO_new_file(outfile, "w");
|
||||
else {
|
||||
out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else out = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
|
||||
if(!out) {
|
||||
BIO_printf(bio_err, "Error opening output file\n");
|
||||
@@ -311,7 +268,7 @@ end:
|
||||
CONF_free(conf);
|
||||
NETSCAPE_SPKI_free(spki);
|
||||
BIO_free(in);
|
||||
BIO_free_all(out);
|
||||
BIO_free(out);
|
||||
BIO_free(key);
|
||||
EVP_PKEY_free(pkey);
|
||||
if(passin) OPENSSL_free(passin);
|
||||
|
||||
@@ -65,7 +65,6 @@
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG verify_main
|
||||
@@ -79,7 +78,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int i,ret=1;
|
||||
int purpose = -1;
|
||||
char *CApath=NULL,*CAfile=NULL;
|
||||
@@ -87,7 +85,6 @@ int MAIN(int argc, char **argv)
|
||||
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
|
||||
X509_STORE *cert_ctx=NULL;
|
||||
X509_LOOKUP *lookup=NULL;
|
||||
char *engine=NULL;
|
||||
|
||||
cert_ctx=X509_STORE_new();
|
||||
if (cert_ctx == NULL) goto end;
|
||||
@@ -140,11 +137,6 @@ int MAIN(int argc, char **argv)
|
||||
if (argc-- < 1) goto end;
|
||||
trustfile= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto end;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-help") == 0)
|
||||
goto end;
|
||||
else if (strcmp(*argv,"-issuer_checks") == 0)
|
||||
@@ -162,24 +154,6 @@ int MAIN(int argc, char **argv)
|
||||
break;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
|
||||
if (lookup == NULL) abort();
|
||||
if (CAfile) {
|
||||
@@ -227,7 +201,7 @@ int MAIN(int argc, char **argv)
|
||||
ret=0;
|
||||
end:
|
||||
if (ret == 1) {
|
||||
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-engine e] cert1 cert2 ...\n");
|
||||
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] cert1 cert2 ...\n");
|
||||
BIO_printf(bio_err,"recognized usages:\n");
|
||||
for(i = 0; i < X509_PURPOSE_get_count(); i++) {
|
||||
X509_PURPOSE *ptmp;
|
||||
|
||||
49
apps/x509.c
49
apps/x509.c
@@ -73,7 +73,6 @@
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG x509_main
|
||||
@@ -130,7 +129,6 @@ static char *x509_usage[]={
|
||||
" -extensions - section from config file with X509V3 extensions to add\n",
|
||||
" -clrext - delete extensions before signing and input certificate\n",
|
||||
" -nameopt arg - various certificate name options\n",
|
||||
" -engine e - use engine e, possibly a hardware device.\n",
|
||||
NULL
|
||||
};
|
||||
|
||||
@@ -147,7 +145,6 @@ int MAIN(int, char **);
|
||||
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
ENGINE *e = NULL;
|
||||
int ret=1;
|
||||
X509_REQ *req=NULL;
|
||||
X509 *x=NULL,*xca=NULL;
|
||||
@@ -178,7 +175,6 @@ int MAIN(int argc, char **argv)
|
||||
int need_rand = 0;
|
||||
int checkend=0,checkoffset=0;
|
||||
unsigned long nmflag = 0;
|
||||
char *engine=NULL;
|
||||
|
||||
reqfile=0;
|
||||
|
||||
@@ -187,12 +183,6 @@ int MAIN(int argc, char **argv)
|
||||
if (bio_err == NULL)
|
||||
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
|
||||
STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
STDout = BIO_push(tmpbio, STDout);
|
||||
}
|
||||
#endif
|
||||
|
||||
informat=FORMAT_PEM;
|
||||
outformat=FORMAT_PEM;
|
||||
@@ -237,7 +227,7 @@ int MAIN(int argc, char **argv)
|
||||
else if (strcmp(*argv,"-CAkeyform") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
CAkeyformat=str2fmt(*(++argv));
|
||||
CAformat=str2fmt(*(++argv));
|
||||
}
|
||||
else if (strcmp(*argv,"-days") == 0)
|
||||
{
|
||||
@@ -341,11 +331,6 @@ int MAIN(int argc, char **argv)
|
||||
alias= *(++argv);
|
||||
trustout = 1;
|
||||
}
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
engine= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-C") == 0)
|
||||
C= ++num;
|
||||
else if (strcmp(*argv,"-email") == 0)
|
||||
@@ -429,24 +414,6 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (engine != NULL)
|
||||
{
|
||||
if((e = ENGINE_by_id(engine)) == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid engine \"%s\"\n",
|
||||
engine);
|
||||
goto end;
|
||||
}
|
||||
if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
|
||||
{
|
||||
BIO_printf(bio_err,"can't use that engine\n");
|
||||
goto end;
|
||||
}
|
||||
BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
|
||||
/* Free our "structural" reference. */
|
||||
ENGINE_free(e);
|
||||
}
|
||||
|
||||
if (need_rand)
|
||||
app_RAND_load_file(NULL, bio_err, 0);
|
||||
|
||||
@@ -609,15 +576,7 @@ bad:
|
||||
goto end;
|
||||
}
|
||||
if (outfile == NULL)
|
||||
{
|
||||
BIO_set_fp(out,stdout,BIO_NOCLOSE);
|
||||
#ifdef VMS
|
||||
{
|
||||
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
|
||||
out = BIO_push(tmpbio, out);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
if (BIO_write_filename(out,outfile) <= 0)
|
||||
@@ -894,10 +853,8 @@ bad:
|
||||
|
||||
BIO_printf(bio_err,"Generating certificate request\n");
|
||||
|
||||
#ifndef NO_DSA
|
||||
if (pk->type == EVP_PKEY_DSA)
|
||||
digest=EVP_dss1();
|
||||
#endif
|
||||
|
||||
rq=X509_to_X509_REQ(x,pk,digest);
|
||||
EVP_PKEY_free(pk);
|
||||
@@ -976,8 +933,8 @@ end:
|
||||
app_RAND_write_file(NULL, bio_err);
|
||||
OBJ_cleanup();
|
||||
CONF_free(extconf);
|
||||
BIO_free_all(out);
|
||||
BIO_free_all(STDout);
|
||||
BIO_free(out);
|
||||
BIO_free(STDout);
|
||||
X509_STORE_free(ctx);
|
||||
X509_REQ_free(req);
|
||||
X509_free(x);
|
||||
|
||||
230
config
230
config
@@ -49,18 +49,10 @@ if [ "x$XREL" != "x" ]; then
|
||||
echo "whatever-whatever-sco5"; exit 0
|
||||
;;
|
||||
4.2MP)
|
||||
if [ "x$VERSION" = "x2.01" ]; then
|
||||
echo "${MACHINE}-whatever-unixware201"; exit 0
|
||||
elif [ "x$VERSION" = "x2.02" ]; then
|
||||
echo "${MACHINE}-whatever-unixware202"; exit 0
|
||||
elif [ "x$VERSION" = "x2.03" ]; then
|
||||
echo "${MACHINE}-whatever-unixware203"; exit 0
|
||||
elif [ "x$VERSION" = "x2.1.1" ]; then
|
||||
if [ "x$VERSION" = "x2.1.1" ]; then
|
||||
echo "${MACHINE}-whatever-unixware211"; exit 0
|
||||
elif [ "x$VERSION" = "x2.1.2" ]; then
|
||||
echo "${MACHINE}-whatever-unixware212"; exit 0
|
||||
elif [ "x$VERSION" = "x2.1.3" ]; then
|
||||
echo "${MACHINE}-whatever-unixware213"; exit 0
|
||||
else
|
||||
echo "${MACHINE}-whatever-unixware2"; exit 0
|
||||
fi
|
||||
@@ -68,11 +60,6 @@ if [ "x$XREL" != "x" ]; then
|
||||
4.2)
|
||||
echo "whatever-whatever-unixware1"; exit 0
|
||||
;;
|
||||
OpenUNIX)
|
||||
if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x8" ]; then
|
||||
echo "${MACHINE}-unknown-OpenUNIX${VERSION}"; exit 0
|
||||
fi
|
||||
;;
|
||||
5)
|
||||
if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x7" ]; then
|
||||
echo "${MACHINE}-sco-unixware7"; exit 0
|
||||
@@ -84,22 +71,10 @@ fi
|
||||
# Now we simply scan though... In most cases, the SYSTEM info is enough
|
||||
#
|
||||
case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
|
||||
MPE/iX:*)
|
||||
MACHINE=`echo "$MACHINE" | sed -e 's/-/_/g'`
|
||||
echo "parisc-hp-MPE/iX"; exit 0
|
||||
;;
|
||||
A/UX:*)
|
||||
echo "m68k-apple-aux3"; exit 0
|
||||
;;
|
||||
|
||||
AIX:[3456789]:4:*)
|
||||
echo "${MACHINE}-ibm-aix43"; exit 0
|
||||
;;
|
||||
|
||||
AIX:*:[56789]:*)
|
||||
echo "${MACHINE}-ibm-aix43"; exit 0
|
||||
;;
|
||||
|
||||
AIX:*)
|
||||
echo "${MACHINE}-ibm-aix"; exit 0
|
||||
;;
|
||||
@@ -189,7 +164,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
|
||||
;;
|
||||
|
||||
NetBSD:*:*:*386*)
|
||||
echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
|
||||
echo "`/usr/sbin/sysctl -n hw.model | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
|
||||
;;
|
||||
|
||||
NetBSD:*)
|
||||
@@ -200,33 +175,15 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
|
||||
echo "${MACHINE}-whatever-openbsd"; exit 0
|
||||
;;
|
||||
|
||||
OpenUNIX:*)
|
||||
echo "${MACHINE}-unknown-OpenUNIX${VERSION}"; exit 0
|
||||
;;
|
||||
|
||||
OSF1:*:*:*alpha*)
|
||||
OSFMAJOR=`echo ${RELEASE}| sed -e 's/^V\([0-9]*\)\..*$/\1/'`
|
||||
case "$OSFMAJOR" in
|
||||
4|5)
|
||||
echo "${MACHINE}-dec-tru64"; exit 0
|
||||
;;
|
||||
1|2|3)
|
||||
echo "${MACHINE}-dec-osf"; exit 0
|
||||
;;
|
||||
*)
|
||||
echo "${MACHINE}-dec-osf"; exit 0
|
||||
;;
|
||||
esac
|
||||
echo "${MACHINE}-dec-osf"; exit 0
|
||||
;;
|
||||
|
||||
QNX:*)
|
||||
case "$RELEASE" in
|
||||
case "$VERSION" in
|
||||
4*)
|
||||
echo "${MACHINE}-whatever-qnx4"
|
||||
;;
|
||||
6*)
|
||||
echo "${MACHINE}-whatever-qnx6"
|
||||
;;
|
||||
*)
|
||||
echo "${MACHINE}-whatever-qnx"
|
||||
;;
|
||||
@@ -242,10 +199,6 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
|
||||
echo "ppc-apple-rhapsody"; exit 0
|
||||
;;
|
||||
|
||||
Darwin:*)
|
||||
echo "ppc-apple-darwin"; exit 0
|
||||
;;
|
||||
|
||||
SunOS:5.*)
|
||||
echo "${MACHINE}-whatever-solaris2"; exit 0
|
||||
;;
|
||||
@@ -294,29 +247,6 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
|
||||
echo "${MACHINE}-v11-${SYSTEM}"; exit 0;
|
||||
;;
|
||||
|
||||
NEWS-OS:4.*)
|
||||
echo "mips-sony-newsos4"; exit 0;
|
||||
;;
|
||||
|
||||
CYGWIN*)
|
||||
case "$RELEASE" in
|
||||
[bB]*|1.0|1.[12].*)
|
||||
echo "${MACHINE}-whatever-cygwin_pre1.3"
|
||||
;;
|
||||
*)
|
||||
echo "${MACHINE}-whatever-cygwin"
|
||||
;;
|
||||
esac
|
||||
exit 0
|
||||
;;
|
||||
|
||||
*"CRAY T3E")
|
||||
echo "t3e-cray-unicosmk"; exit 0;
|
||||
;;
|
||||
|
||||
*CRAY*)
|
||||
echo "j90-cray-unicos"; exit 0;
|
||||
;;
|
||||
esac
|
||||
|
||||
#
|
||||
@@ -381,33 +311,17 @@ done
|
||||
|
||||
# figure out if gcc is available and if so we use it otherwise
|
||||
# we fallback to whatever cc does on the system
|
||||
GCCVER=`(gcc -dumpversion) 2>/dev/null`
|
||||
GCCVER=`(gcc --version) 2>/dev/null`
|
||||
if [ "$GCCVER" != "" ]; then
|
||||
CC=gcc
|
||||
# then strip off whatever prefix egcs prepends the number with...
|
||||
# Hopefully, this will work for any future prefixes as well.
|
||||
GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z]*\-//'`
|
||||
# Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
|
||||
# does give us what we want though, so we use that. We just just the
|
||||
# major and minor version numbers.
|
||||
# then strip off whatever prefix Cygnus prepends the number with...
|
||||
GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'`
|
||||
# peak single digit before and after first dot, e.g. 2.95.1 gives 29
|
||||
GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
|
||||
else
|
||||
CC=cc
|
||||
fi
|
||||
GCCVER=${GCCVER:-0}
|
||||
if [ "$SYSTEM" = "HP-UX" ];then
|
||||
# By default gcc is a ILP32 compiler (with long long == 64).
|
||||
GCC_BITS="32"
|
||||
if [ $GCCVER -ge 30 ]; then
|
||||
# PA64 support only came in with gcc 3.0.x.
|
||||
# We look for the preprocessor symbol __LP64__ indicating
|
||||
# 64bit bit long and pointer. sizeof(int) == 32 on HPUX64.
|
||||
if gcc -v -E -x c /dev/null 2>&1 | grep __LP64__ > /dev/null; then
|
||||
GCC_BITS="64"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$SYSTEM" = "SunOS" ]; then
|
||||
# check for WorkShop C, expected output is "cc: blah-blah C x.x"
|
||||
CCVER=`(cc -V 2>&1) 2>/dev/null | \
|
||||
@@ -471,16 +385,10 @@ case "$GUESSOS" in
|
||||
;;
|
||||
mips4-sgi-irix64)
|
||||
echo "WARNING! If you wish to build 64-bit library, then you have to"
|
||||
echo " invoke './Configure irix64-mips4-$CC' *manually*."
|
||||
echo " Type return if you want to continue, Ctrl-C to abort."
|
||||
echo " invoke './Configre irix64-mips4-$CC' *manually*."
|
||||
echo " Type Ctrl-C if you don't want to continue."
|
||||
read waste < /dev/tty
|
||||
CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
|
||||
CPU=${CPU:-0}
|
||||
if [ $CPU -ge 5000 ]; then
|
||||
options="$options -mips4"
|
||||
else
|
||||
options="$options -mips3"
|
||||
fi
|
||||
options="$options -mips4"
|
||||
OUT="irix-mips3-$CC"
|
||||
;;
|
||||
alpha-*-linux2)
|
||||
@@ -497,70 +405,28 @@ case "$GUESSOS" in
|
||||
esac
|
||||
fi
|
||||
;;
|
||||
mips-*-linux?)
|
||||
cat >dummy.c <<EOF
|
||||
#include <stdio.h> /* for printf() prototype */
|
||||
int main (argc, argv) int argc; char *argv[]; {
|
||||
#ifdef __MIPSEB__
|
||||
printf ("linux-%s\n", argv[1]);
|
||||
#endif
|
||||
#ifdef __MIPSEL__
|
||||
printf ("linux-%sel\n", argv[1]);
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
EOF
|
||||
${CC} -o dummy dummy.c && OUT=`./dummy ${MACHINE}`
|
||||
rm dummy dummy.c
|
||||
;;
|
||||
ppc64-*-linux2)
|
||||
#Use the standard target for PPC architecture until we create a
|
||||
#special one for the 64bit architecture.
|
||||
OUT="linux-ppc" ;;
|
||||
mips-*-linux?) OUT="linux-mips" ;;
|
||||
ppc-*-linux2) OUT="linux-ppc" ;;
|
||||
m68k-*-linux*) OUT="linux-m68k" ;;
|
||||
ia64-*-linux?) OUT="linux-ia64" ;;
|
||||
ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
|
||||
ppc-apple-darwin) OUT="darwin-ppc-cc" ;;
|
||||
sparc64-*-linux2)
|
||||
#Before we can uncomment following lines we have to wait at least
|
||||
#till 64-bit glibc for SPARC is operational:-(
|
||||
#echo "WARNING! If you wish to build 64-bit library, then you have to"
|
||||
#echo " invoke './Configure linux64-sparcv9' *manually*."
|
||||
#echo " Type return if you want to continue, Ctrl-C to abort."
|
||||
#echo " Type Ctrl-C if you don't want to continue."
|
||||
#read waste < /dev/tty
|
||||
OUT="linux-sparcv9" ;;
|
||||
sparc-*-linux2)
|
||||
KARCH=`awk '/^type/{print$3}' /proc/cpuinfo`
|
||||
KARCH=`awk '/type/{print$3}' /proc/cpuinfo`
|
||||
case ${KARCH:-sun4} in
|
||||
sun4u*) OUT="linux-sparcv9" ;;
|
||||
sun4m) OUT="linux-sparcv8" ;;
|
||||
sun4d) OUT="linux-sparcv8" ;;
|
||||
*) OUT="linux-sparcv7" ;;
|
||||
esac ;;
|
||||
parisc-*-linux2)
|
||||
CPUARCH=`awk '/cpu family/{print substr($5,1,3)}' /proc/cpuinfo`
|
||||
CPUSCHEDULE=`awk '/^cpu.[ ]: PA/{print substr($3,3)}' /proc/cpuinfo`
|
||||
|
||||
# ??TODO ?? Model transformations
|
||||
# 0. CPU Architecture for the 1.1 processor has letter suffixes. We strip that off
|
||||
# assuming no further arch. identification will ever be used by GCC.
|
||||
# 1. I'm most concerned about whether is a 7300LC is closer to a 7100 versus a 7100LC.
|
||||
# 2. The variant 64-bit processors cause concern should GCC support explicit schedulers
|
||||
# for these chips in the future.
|
||||
# PA7300LC -> 7100LC (1.1)
|
||||
# PA8200 -> 8000 (2.0)
|
||||
# PA8500 -> 8000 (2.0)
|
||||
# PA8600 -> 8000 (2.0)
|
||||
|
||||
CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8?00/8000/'`
|
||||
# Finish Model transformations
|
||||
|
||||
options="$options -mschedule=$CPUSCHEDULE -march=$CPUARCH"
|
||||
OUT="linux-parisc" ;;
|
||||
arm*-*-linux2) OUT="linux-elf-arm" ;;
|
||||
s390-*-linux2) OUT="linux-s390" ;;
|
||||
s390x-*-linux?) OUT="linux-s390x" ;;
|
||||
*-*-linux2) OUT="linux-elf" ;;
|
||||
*-*-linux1) OUT="linux-aout" ;;
|
||||
sun4u*-*-solaris2)
|
||||
@@ -568,7 +434,7 @@ EOF
|
||||
if [ "$ISA64" != "" -a "$CC" = "cc" -a $CCVER -ge 50 ]; then
|
||||
echo "WARNING! If you wish to build 64-bit library, then you have to"
|
||||
echo " invoke './Configure solaris64-sparcv9-cc' *manually*."
|
||||
echo " Type return if you want to continue, Ctrl-C to abort."
|
||||
echo " Type Ctrl-C if you don't want to continue."
|
||||
read waste < /dev/tty
|
||||
fi
|
||||
OUT="solaris-sparcv9-$CC" ;;
|
||||
@@ -588,72 +454,30 @@ EOF
|
||||
pmax*-*-openbsd) OUT="OpenBSD-mips" ;;
|
||||
*-*-openbsd) OUT="OpenBSD" ;;
|
||||
*86*-*-bsdi4) OUT="bsdi-elf-gcc" ;;
|
||||
*-*-osf) OUT="alphaold-cc" ;;
|
||||
*-*-tru64) OUT="alpha-cc" ;;
|
||||
*-*-OpenUNIX*)
|
||||
if [ "$CC" = "gcc" ]; then
|
||||
OUT="OpenUNIX-8-gcc"
|
||||
else
|
||||
OUT="OpenUNIX-8"
|
||||
fi
|
||||
;;
|
||||
*-*-osf) OUT="alpha-cc" ;;
|
||||
*-*-unixware7) OUT="unixware-7" ;;
|
||||
*-*-UnixWare7) OUT="unixware-7" ;;
|
||||
*-*-Unixware7) OUT="unixware-7" ;;
|
||||
*-*-unixware20*) OUT="unixware-2.0" ;;
|
||||
*-*-unixware21*) OUT="unixware-2.1" ;;
|
||||
*-*-UnixWare20*) OUT="unixware-2.0" ;;
|
||||
*-*-UnixWare21*) OUT="unixware-2.1" ;;
|
||||
*-*-Unixware20*) OUT="unixware-2.0" ;;
|
||||
*-*-Unixware21*) OUT="unixware-2.1" ;;
|
||||
*-*-unixware[1-2]*) OUT="unixware-2.0" ;;
|
||||
*-*-UnixWare[1-2]*) OUT="unixware-2.0" ;;
|
||||
*-*-Unixware[1-2]*) OUT="unixware-2.0" ;;
|
||||
BS2000-siemens-sysv4) OUT="BS2000-OSD" ;;
|
||||
RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
|
||||
*-siemens-sysv4) OUT="SINIX" ;;
|
||||
*-hpux1*)
|
||||
if [ $CC = "gcc" ];
|
||||
then
|
||||
if [ $GCC_BITS = "64" ]; then
|
||||
OUT="hpux64-parisc-gcc"
|
||||
else
|
||||
OUT="hpux-parisc-gcc"
|
||||
fi
|
||||
else
|
||||
OUT="hpux-parisc-$CC"
|
||||
fi
|
||||
options="$options -D_REENTRANT" ;;
|
||||
*-hpux1*) OUT="hpux-parisc-$CC"
|
||||
options="$options -D_REENTRANT" ;;
|
||||
*-hpux) OUT="hpux-parisc-$CC" ;;
|
||||
# these are all covered by the catchall below
|
||||
# *-aix) OUT="aix-$CC" ;;
|
||||
# *-dgux) OUT="dgux" ;;
|
||||
mips-sony-newsos4) OUT="newsos4-gcc" ;;
|
||||
*-*-cygwin_pre1.3) OUT="Cygwin-pre1.3" ;;
|
||||
*-*-cygwin) OUT="Cygwin" ;;
|
||||
t3e-cray-unicosmk) OUT="cray-t3e" ;;
|
||||
j90-cray-unicos) OUT="cray-j90" ;;
|
||||
*) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
|
||||
esac
|
||||
|
||||
# NB: This atalla support has been superceded by the ENGINE support
|
||||
# That contains its own header and definitions anyway. Support can
|
||||
# be enabled or disabled on any supported platform without external
|
||||
# headers, eg. by adding the "hw-atalla" switch to ./config or
|
||||
# perl Configure
|
||||
#
|
||||
# See whether we can compile Atalla support
|
||||
#if [ -f /usr/include/atasi.h ]
|
||||
#then
|
||||
# options="$options -DATALLA"
|
||||
#fi
|
||||
|
||||
#get some basic shared lib support (behnke@trustcenter.de)
|
||||
case "$OUT" in
|
||||
solaris-*-gcc)
|
||||
if [ "$SHARED" = "true" ]
|
||||
then
|
||||
options="$options -DPIC -fPIC"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
if [ -f /usr/include/atasi.h ]
|
||||
then
|
||||
options="$options -DATALLA"
|
||||
fi
|
||||
|
||||
# gcc < 2.8 does not support -mcpu=ultrasparc
|
||||
if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
|
||||
@@ -674,7 +498,7 @@ case "$GUESSOS" in
|
||||
i386-*) options="$options 386" ;;
|
||||
esac
|
||||
|
||||
for i in bf cast des dh dsa hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa sha
|
||||
for i in bf cast des dh dsa hmac md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa sha
|
||||
do
|
||||
if [ ! -d crypto/$i ]
|
||||
then
|
||||
@@ -724,7 +548,7 @@ OUT="$PREFIX$OUT"
|
||||
|
||||
$PERL ./Configure LIST | grep "$OUT" > /dev/null
|
||||
if [ $? = "0" ]; then
|
||||
echo Configuring for $OUT
|
||||
#echo Configuring for $OUT
|
||||
|
||||
if [ "$TEST" = "true" ]; then
|
||||
echo $PERL ./Configure $OUT $options
|
||||
|
||||
@@ -6,7 +6,7 @@ DIR= crypto
|
||||
TOP= ..
|
||||
CC= cc
|
||||
INCLUDE= -I. -I../include
|
||||
INCLUDES= -I.. -I../.. -I../../include
|
||||
INCLUDES= -I.. -I../../include
|
||||
CFLAG= -g
|
||||
INSTALL_PREFIX=
|
||||
OPENSSLDIR= /usr/local/ssl
|
||||
@@ -27,15 +27,15 @@ LIBS=
|
||||
|
||||
SDIRS= md2 md5 sha mdc2 hmac ripemd \
|
||||
des rc2 rc4 rc5 idea bf cast \
|
||||
bn rsa dsa dh dso engine \
|
||||
bn rsa dsa dh dso \
|
||||
buffer bio stack lhash rand err objects \
|
||||
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp
|
||||
|
||||
GENERAL=Makefile README crypto-lib.com install.com
|
||||
|
||||
LIB= $(TOP)/libcrypto.a
|
||||
LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c
|
||||
LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o
|
||||
LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c
|
||||
LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
@@ -51,11 +51,11 @@ all: buildinf.h lib subdirs
|
||||
|
||||
buildinf.h: ../Makefile.ssl
|
||||
( echo "#ifndef MK1MF_BUILD"; \
|
||||
echo ' /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \
|
||||
echo ' #define CFLAGS "$(CC) $(CFLAG)"'; \
|
||||
echo ' #define PLATFORM "$(PLATFORM)"'; \
|
||||
echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
|
||||
echo '#endif' ) >buildinf.h
|
||||
echo " /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */"; \
|
||||
echo " #define CFLAGS \"$(CC) $(CFLAG)\""; \
|
||||
echo " #define PLATFORM \"$(PLATFORM)\""; \
|
||||
echo " #define DATE \"`date`\""; \
|
||||
echo "#endif" ) >buildinf.h
|
||||
|
||||
testapps:
|
||||
if echo ${SDIRS} | fgrep ' des '; \
|
||||
@@ -90,8 +90,7 @@ links:
|
||||
|
||||
lib: $(LIBOBJ)
|
||||
$(AR) $(LIB) $(LIBOBJ)
|
||||
@echo You may get an error following this line. Please ignore.
|
||||
- $(RANLIB) $(LIB)
|
||||
$(RANLIB) $(LIB)
|
||||
@touch lib
|
||||
|
||||
libs:
|
||||
@@ -134,7 +133,7 @@ depend:
|
||||
@for i in $(SDIRS) ;\
|
||||
do \
|
||||
(cd $$i; echo "making depend in crypto/$$i..."; \
|
||||
$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ); \
|
||||
$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' depend ); \
|
||||
done;
|
||||
|
||||
clean:
|
||||
@@ -198,6 +197,3 @@ tmdiff.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
|
||||
tmdiff.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
|
||||
tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
|
||||
tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h
|
||||
uid.o: ../include/openssl/crypto.h ../include/openssl/opensslv.h
|
||||
uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h
|
||||
uid.o: ../include/openssl/symhacks.h
|
||||
|
||||
@@ -75,8 +75,7 @@ all: lib
|
||||
|
||||
lib: $(LIBOBJ)
|
||||
$(AR) $(LIB) $(LIBOBJ)
|
||||
@echo You may get an error following this line. Please ignore.
|
||||
- $(RANLIB) $(LIB)
|
||||
$(RANLIB) $(LIB)
|
||||
@touch lib
|
||||
|
||||
files:
|
||||
@@ -936,40 +935,40 @@ t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
|
||||
t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
|
||||
t_bitst.o: ../../include/openssl/des.h ../../include/openssl/dh.h
|
||||
t_bitst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
|
||||
t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
|
||||
t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
|
||||
t_bitst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
|
||||
t_bitst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
|
||||
t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
||||
t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
|
||||
t_bitst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
|
||||
t_bitst.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
|
||||
t_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
||||
t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
||||
t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
|
||||
t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
|
||||
t_bitst.o: ../cryptlib.h
|
||||
t_bitst.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
|
||||
t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||
t_bitst.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||
t_bitst.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||
t_bitst.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||
t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
|
||||
t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
|
||||
t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
|
||||
t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h
|
||||
t_crl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||
t_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
|
||||
t_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
|
||||
t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
|
||||
t_crl.o: ../../include/openssl/des.h ../../include/openssl/dh.h
|
||||
t_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
|
||||
t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
t_crl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
|
||||
t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
|
||||
t_crl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
|
||||
t_crl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
|
||||
t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
||||
t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
|
||||
t_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
|
||||
t_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
|
||||
t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
||||
t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
||||
t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
|
||||
t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
|
||||
t_crl.o: ../cryptlib.h
|
||||
t_crl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
|
||||
t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||
t_crl.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||
t_crl.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||
t_crl.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||
t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
|
||||
t_crl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
|
||||
t_crl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
|
||||
t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h
|
||||
t_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
|
||||
t_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||
t_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
|
||||
@@ -985,20 +984,20 @@ t_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
|
||||
t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
|
||||
t_req.o: ../../include/openssl/des.h ../../include/openssl/dh.h
|
||||
t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
|
||||
t_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
t_req.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
|
||||
t_req.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
|
||||
t_req.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
|
||||
t_req.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
|
||||
t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
||||
t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
|
||||
t_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
|
||||
t_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
|
||||
t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
||||
t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
||||
t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
|
||||
t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
|
||||
t_req.o: ../cryptlib.h
|
||||
t_req.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
|
||||
t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||
t_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||
t_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||
t_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||
t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
|
||||
t_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
|
||||
t_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
|
||||
t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h
|
||||
t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
|
||||
t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
|
||||
t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
|
||||
@@ -1024,20 +1023,20 @@ t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
|
||||
t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
|
||||
t_x509.o: ../../include/openssl/des.h ../../include/openssl/dh.h
|
||||
t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
|
||||
t_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
t_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
|
||||
t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
|
||||
t_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
|
||||
t_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
|
||||
t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
||||
t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
|
||||
t_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
|
||||
t_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
|
||||
t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
||||
t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
||||
t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
|
||||
t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
|
||||
t_x509.o: ../cryptlib.h
|
||||
t_x509.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
|
||||
t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||
t_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||
t_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||
t_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||
t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
|
||||
t_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
|
||||
t_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
|
||||
t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h
|
||||
t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
|
||||
t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
|
||||
t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
|
||||
@@ -1310,20 +1309,21 @@ x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
|
||||
x_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
|
||||
x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
|
||||
x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
|
||||
x_x509.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
|
||||
x_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
|
||||
x_x509.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
|
||||
x_x509.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
|
||||
x_x509.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
|
||||
x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
|
||||
x_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
|
||||
x_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
|
||||
x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h
|
||||
x_x509.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
|
||||
x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
x_x509.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
|
||||
x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
|
||||
x_x509.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
|
||||
x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
|
||||
x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
|
||||
x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
|
||||
x_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
|
||||
x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
|
||||
x_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
|
||||
x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
|
||||
x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
|
||||
x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
|
||||
x_x509.o: ../cryptlib.h
|
||||
x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
|
||||
x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
|
||||
x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
|
||||
|
||||
@@ -89,6 +89,8 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
|
||||
if (a == NULL) return(0);
|
||||
|
||||
len=a->length;
|
||||
ret=1+len;
|
||||
if (pp == NULL) return(ret);
|
||||
|
||||
if (len > 0)
|
||||
{
|
||||
@@ -116,10 +118,6 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
|
||||
}
|
||||
else
|
||||
bits=0;
|
||||
|
||||
ret=1+len;
|
||||
if (pp == NULL) return(ret);
|
||||
|
||||
p= *pp;
|
||||
|
||||
*(p++)=(unsigned char)bits;
|
||||
@@ -226,7 +224,6 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
|
||||
w=n/8;
|
||||
v=1<<(7-(n&0x07));
|
||||
iv= ~v;
|
||||
if (!value) v=0;
|
||||
|
||||
a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
|
||||
|
||||
|
||||
@@ -205,18 +205,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
|
||||
else ret->type=V_ASN1_ENUMERATED;
|
||||
j=BN_num_bits(bn);
|
||||
len=((j == 0)?0:((j/8)+1));
|
||||
if (ret->length < len+4)
|
||||
{
|
||||
unsigned char *new_data=
|
||||
OPENSSL_realloc(ret->data, len+4);
|
||||
if (!new_data)
|
||||
{
|
||||
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
ret->data=new_data;
|
||||
}
|
||||
|
||||
ret->data=(unsigned char *)OPENSSL_malloc(len+4);
|
||||
ret->length=BN_bn2bin(bn,ret->data);
|
||||
return(ret);
|
||||
err:
|
||||
|
||||
@@ -203,7 +203,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
|
||||
if (s == NULL)
|
||||
return(NULL);
|
||||
|
||||
#if defined(THREADS) && !defined(WIN32) && ! defined(_DARWIN)
|
||||
#if defined(THREADS) && !defined(WIN32)
|
||||
gmtime_r(&t,&data); /* should return &data, but doesn't on some systems, so we don't even look at the return value */
|
||||
ts=&data;
|
||||
#else
|
||||
|
||||
@@ -451,16 +451,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
|
||||
else ret->type=V_ASN1_INTEGER;
|
||||
j=BN_num_bits(bn);
|
||||
len=((j == 0)?0:((j/8)+1));
|
||||
if (ret->length < len+4)
|
||||
{
|
||||
unsigned char *new_data= OPENSSL_realloc(ret->data, len+4);
|
||||
if (!new_data)
|
||||
{
|
||||
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
ret->data=new_data;
|
||||
}
|
||||
ret->data=(unsigned char *)OPENSSL_malloc(len+4);
|
||||
ret->length=BN_bn2bin(bn,ret->data);
|
||||
return(ret);
|
||||
err:
|
||||
|
||||
@@ -116,7 +116,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
|
||||
}
|
||||
|
||||
pStart = p; /* Catch the beg of Setblobs*/
|
||||
if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array
|
||||
rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
|
||||
we will store the SET blobs */
|
||||
|
||||
for (i=0; i<sk_num(a); i++)
|
||||
@@ -133,7 +133,7 @@ SetBlob
|
||||
/* Now we have to sort the blobs. I am using a simple algo.
|
||||
*Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
|
||||
qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
|
||||
if (!(pTempMem = OPENSSL_malloc(totSize))) return 0;
|
||||
pTempMem = OPENSSL_malloc(totSize);
|
||||
|
||||
/* Copy to temp mem */
|
||||
p = pTempMem;
|
||||
@@ -158,7 +158,7 @@ STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
|
||||
STACK *ret=NULL;
|
||||
|
||||
if ((a == NULL) || ((*a) == NULL))
|
||||
{ if ((ret=sk_new_null()) == NULL) goto err; }
|
||||
{ if ((ret=sk_new(NULL)) == NULL) goto err; }
|
||||
else
|
||||
ret=(*a);
|
||||
|
||||
|
||||
@@ -55,59 +55,6 @@
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
@@ -140,14 +87,7 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
else
|
||||
a=algor2;
|
||||
if (a == NULL) continue;
|
||||
if (type->pkey_type == NID_dsaWithSHA1)
|
||||
{
|
||||
/* special case: RFC 2459 tells us to omit 'parameters'
|
||||
* with id-dsa-with-sha1 */
|
||||
ASN1_TYPE_free(a->parameter);
|
||||
a->parameter = NULL;
|
||||
}
|
||||
else if ((a->parameter == NULL) ||
|
||||
if ( (a->parameter == NULL) ||
|
||||
(a->parameter->type != V_ASN1_NULL))
|
||||
{
|
||||
ASN1_TYPE_free(a->parameter);
|
||||
|
||||
@@ -105,9 +105,9 @@ int ASN1_STRING_set_default_mask_asc(char *p)
|
||||
mask = strtoul(p + 5, &end, 0);
|
||||
if(*end) return 0;
|
||||
} else if(!strcmp(p, "nombstr"))
|
||||
mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING));
|
||||
mask = ~(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING);
|
||||
else if(!strcmp(p, "pkix"))
|
||||
mask = ~((unsigned long)B_ASN1_T61STRING);
|
||||
mask = ~B_ASN1_T61STRING;
|
||||
else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING;
|
||||
else if(!strcmp(p, "default"))
|
||||
mask = 0xFFFFFFFFL;
|
||||
@@ -133,7 +133,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
|
||||
if(tbl) {
|
||||
mask = tbl->mask;
|
||||
if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
|
||||
ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
|
||||
ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask,
|
||||
tbl->minsize, tbl->maxsize);
|
||||
} else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
|
||||
if(ret <= 0) return NULL;
|
||||
|
||||
@@ -113,7 +113,7 @@ ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length)
|
||||
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
|
||||
{
|
||||
struct tm *ts;
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_DARWIN)
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__)
|
||||
struct tm data;
|
||||
|
||||
gmtime_r(&t,&data);
|
||||
|
||||
@@ -123,8 +123,6 @@ int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
|
||||
break;
|
||||
case V_ASN1_SET:
|
||||
case V_ASN1_SEQUENCE:
|
||||
case V_ASN1_OTHER:
|
||||
default:
|
||||
if (a->value.set == NULL)
|
||||
r=0;
|
||||
else
|
||||
@@ -161,8 +159,6 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
|
||||
|
||||
inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
|
||||
if (inf & 0x80) goto err;
|
||||
/* If not universal tag we've no idea what it is */
|
||||
if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
|
||||
|
||||
ASN1_TYPE_component_free(ret);
|
||||
|
||||
@@ -249,8 +245,6 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
|
||||
break;
|
||||
case V_ASN1_SET:
|
||||
case V_ASN1_SEQUENCE:
|
||||
case V_ASN1_OTHER:
|
||||
default:
|
||||
/* Sets and sequences are left complete */
|
||||
if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
|
||||
ret->value.set->type=tag;
|
||||
@@ -258,6 +252,9 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
|
||||
if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
|
||||
p+=len;
|
||||
break;
|
||||
default:
|
||||
ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
|
||||
goto err;
|
||||
}
|
||||
|
||||
ret->type=tag;
|
||||
@@ -315,8 +312,6 @@ static void ASN1_TYPE_component_free(ASN1_TYPE *a)
|
||||
case V_ASN1_OBJECT:
|
||||
ASN1_OBJECT_free(a->value.object);
|
||||
break;
|
||||
case V_ASN1_NULL:
|
||||
break;
|
||||
case V_ASN1_INTEGER:
|
||||
case V_ASN1_NEG_INTEGER:
|
||||
case V_ASN1_ENUMERATED:
|
||||
@@ -338,10 +333,11 @@ static void ASN1_TYPE_component_free(ASN1_TYPE *a)
|
||||
case V_ASN1_UNIVERSALSTRING:
|
||||
case V_ASN1_BMPSTRING:
|
||||
case V_ASN1_UTF8STRING:
|
||||
case V_ASN1_OTHER:
|
||||
default:
|
||||
ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
|
||||
break;
|
||||
default:
|
||||
/* MEMORY LEAK */
|
||||
break;
|
||||
}
|
||||
a->type=0;
|
||||
a->value.ptr=NULL;
|
||||
|
||||
@@ -203,7 +203,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
|
||||
if (s == NULL)
|
||||
return(NULL);
|
||||
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_DARWIN)
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__)
|
||||
gmtime_r(&t,&data); /* should return &data, but doesn't on some systems, so we don't even look at the return value */
|
||||
ts=&data;
|
||||
#else
|
||||
@@ -270,9 +270,6 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
|
||||
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
|
||||
{
|
||||
struct tm *tm;
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_DARWIN)
|
||||
struct tm data;
|
||||
#endif
|
||||
int offset;
|
||||
int year;
|
||||
|
||||
@@ -289,9 +286,8 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
|
||||
|
||||
t -= offset*60; /* FIXME: may overflow in extreme cases */
|
||||
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) && !defined(_DARWIN)
|
||||
gmtime_r(&t, &data);
|
||||
tm = &data;
|
||||
#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__)
|
||||
{ struct tm data; gmtime_r(&t, &data); tm = &data; }
|
||||
#else
|
||||
tm = gmtime(&t);
|
||||
#endif
|
||||
|
||||
@@ -83,7 +83,6 @@ extern "C" {
|
||||
#define V_ASN1_PRIMATIVE_TAG 0x1f
|
||||
|
||||
#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
|
||||
#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
|
||||
|
||||
#define V_ASN1_NEG 0x100 /* negative flag */
|
||||
|
||||
@@ -834,6 +833,8 @@ void ASN1_HEADER_free(ASN1_HEADER *a);
|
||||
|
||||
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
|
||||
|
||||
void ERR_load_ASN1_strings(void);
|
||||
|
||||
/* Not used that much at this point, except for the first two */
|
||||
ASN1_METHOD *X509_asn1_meth(void);
|
||||
ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
|
||||
@@ -875,7 +876,6 @@ void ASN1_STRING_TABLE_cleanup(void);
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_ASN1_strings(void);
|
||||
|
||||
/* Error codes for the ASN1 functions. */
|
||||
|
||||
@@ -1147,3 +1147,4 @@ void ERR_load_ASN1_strings(void);
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
@@ -57,7 +57,6 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <limits.h>
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1_mac.h>
|
||||
@@ -125,13 +124,15 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
|
||||
(int)(omax+ *pp));
|
||||
|
||||
#endif
|
||||
if (*plength > (omax - (p - *pp)))
|
||||
#if 0
|
||||
if ((p+ *plength) > (omax+ *pp))
|
||||
{
|
||||
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
|
||||
/* Set this so that even if things are not long enough
|
||||
* the values are set correctly */
|
||||
ret|=0x80;
|
||||
}
|
||||
#endif
|
||||
*pp=p;
|
||||
return(ret|inf);
|
||||
err:
|
||||
@@ -142,7 +143,7 @@ err:
|
||||
static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
|
||||
{
|
||||
unsigned char *p= *pp;
|
||||
unsigned long ret=0;
|
||||
long ret=0;
|
||||
int i;
|
||||
|
||||
if (max-- < 1) return(0);
|
||||
@@ -158,8 +159,6 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
|
||||
i= *p&0x7f;
|
||||
if (*(p++) & 0x80)
|
||||
{
|
||||
if (i > sizeof(long))
|
||||
return 0;
|
||||
if (max-- == 0) return(0);
|
||||
while (i-- > 0)
|
||||
{
|
||||
@@ -171,10 +170,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
|
||||
else
|
||||
ret=i;
|
||||
}
|
||||
if (ret > LONG_MAX)
|
||||
return 0;
|
||||
*pp=p;
|
||||
*rl=(long)ret;
|
||||
*rl=ret;
|
||||
return(1);
|
||||
}
|
||||
|
||||
@@ -304,7 +301,7 @@ int asn1_GetSequence(ASN1_CTX *c, long *length)
|
||||
return(0);
|
||||
}
|
||||
if (c->inf == (1|V_ASN1_CONSTRUCTED))
|
||||
c->slen= *length;
|
||||
c->slen= *length+ *(c->pp)-c->p;
|
||||
c->eos=0;
|
||||
return(1);
|
||||
}
|
||||
@@ -410,7 +407,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
|
||||
|
||||
void asn1_add_error(unsigned char *address, int offset)
|
||||
{
|
||||
char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
|
||||
char buf1[16],buf2[16];
|
||||
|
||||
sprintf(buf1,"%lu",(unsigned long)address);
|
||||
sprintf(buf2,"%d",offset);
|
||||
|
||||
@@ -196,9 +196,6 @@ err:\
|
||||
if ((a != NULL) && (sk_##type##_num(a) != 0)) \
|
||||
M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
|
||||
|
||||
#define M_ASN1_I2D_put_SEQUENCE_opt_ex_type(type,a,f) \
|
||||
if (a) M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
|
||||
|
||||
#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
|
||||
if ((c.slen != 0) && \
|
||||
(M_ASN1_next == \
|
||||
@@ -392,9 +389,6 @@ err:\
|
||||
if ((a != NULL) && (sk_##type##_num(a) != 0)) \
|
||||
M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
|
||||
|
||||
#define M_ASN1_I2D_len_SEQUENCE_opt_ex_type(type,a,f) \
|
||||
if (a) M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
|
||||
|
||||
#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
|
||||
ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
|
||||
|
||||
@@ -458,15 +452,6 @@ err:\
|
||||
ret+=ASN1_object_size(1,v,mtag); \
|
||||
}
|
||||
|
||||
#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
|
||||
if (a)\
|
||||
{ \
|
||||
v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
|
||||
V_ASN1_UNIVERSAL, \
|
||||
IS_SEQUENCE); \
|
||||
ret+=ASN1_object_size(1,v,mtag); \
|
||||
}
|
||||
|
||||
/* Put Macros */
|
||||
#define M_ASN1_I2D_put(a,f) f(a,&p)
|
||||
|
||||
@@ -551,14 +536,6 @@ err:\
|
||||
IS_SEQUENCE); \
|
||||
}
|
||||
|
||||
#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
|
||||
if (a) \
|
||||
{ \
|
||||
ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
|
||||
i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
|
||||
IS_SEQUENCE); \
|
||||
}
|
||||
|
||||
#define M_ASN1_I2D_seq_total() \
|
||||
r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
|
||||
if (pp == NULL) return(r); \
|
||||
|
||||
@@ -87,7 +87,6 @@ DH *d2i_DHparams(DH **a, unsigned char **pp, long length)
|
||||
}
|
||||
|
||||
M_ASN1_BIT_STRING_free(bs);
|
||||
bs = NULL;
|
||||
|
||||
M_ASN1_D2I_Finish_2(a);
|
||||
|
||||
|
||||
@@ -84,7 +84,6 @@ DSA *d2i_DSAparams(DSA **a, unsigned char **pp, long length)
|
||||
if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
|
||||
|
||||
M_ASN1_BIT_STRING_free(bs);
|
||||
bs = NULL;
|
||||
|
||||
M_ASN1_D2I_Finish_2(a);
|
||||
|
||||
|
||||
@@ -108,7 +108,6 @@ RSA *d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length)
|
||||
goto err_bn;
|
||||
|
||||
M_ASN1_INTEGER_free(bs);
|
||||
bs = NULL;
|
||||
|
||||
M_ASN1_D2I_Finish_2(a);
|
||||
err_bn:
|
||||
|
||||
@@ -307,14 +307,12 @@ PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
|
||||
}
|
||||
if (Tinf == (1|V_ASN1_CONSTRUCTED))
|
||||
{
|
||||
c.q=c.p;
|
||||
if (!ASN1_check_infinite_end(&c.p,c.slen))
|
||||
{
|
||||
c.error=ERR_R_MISSING_ASN1_EOS;
|
||||
c.line=__LINE__;
|
||||
goto err;
|
||||
}
|
||||
c.slen-=(c.p-c.q);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
||||
@@ -96,34 +96,10 @@ int RSA_print(BIO *bp, RSA *x, int off)
|
||||
char str[128];
|
||||
const char *s;
|
||||
unsigned char *m=NULL;
|
||||
int ret=0;
|
||||
size_t buf_len=0, i;
|
||||
int i,ret=0;
|
||||
|
||||
if (x->n)
|
||||
buf_len = (size_t)BN_num_bytes(x->n);
|
||||
if (x->e)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
|
||||
buf_len = i;
|
||||
if (x->d)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
|
||||
buf_len = i;
|
||||
if (x->p)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
|
||||
buf_len = i;
|
||||
if (x->q)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
|
||||
buf_len = i;
|
||||
if (x->dmp1)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
|
||||
buf_len = i;
|
||||
if (x->dmq1)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
|
||||
buf_len = i;
|
||||
if (x->iqmp)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
|
||||
buf_len = i;
|
||||
|
||||
m=(unsigned char *)OPENSSL_malloc(buf_len+10);
|
||||
i=RSA_size(x);
|
||||
m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
|
||||
if (m == NULL)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
|
||||
@@ -185,25 +161,22 @@ int DSA_print(BIO *bp, DSA *x, int off)
|
||||
{
|
||||
char str[128];
|
||||
unsigned char *m=NULL;
|
||||
int ret=0;
|
||||
size_t buf_len=0,i;
|
||||
int i,ret=0;
|
||||
BIGNUM *bn=NULL;
|
||||
|
||||
if (x->p)
|
||||
buf_len = (size_t)BN_num_bytes(x->p);
|
||||
if (x->q)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
|
||||
buf_len = i;
|
||||
if (x->g)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
|
||||
buf_len = i;
|
||||
if (x->priv_key)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
|
||||
buf_len = i;
|
||||
if (x->pub_key)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
|
||||
buf_len = i;
|
||||
|
||||
m=(unsigned char *)OPENSSL_malloc(buf_len+10);
|
||||
if (x->p != NULL)
|
||||
bn=x->p;
|
||||
else if (x->priv_key != NULL)
|
||||
bn=x->priv_key;
|
||||
else if (x->pub_key != NULL)
|
||||
bn=x->pub_key;
|
||||
|
||||
/* larger than needed but what the hell :-) */
|
||||
if (bn != NULL)
|
||||
i=BN_num_bytes(bn)*2;
|
||||
else
|
||||
i=256;
|
||||
m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
|
||||
if (m == NULL)
|
||||
{
|
||||
DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
|
||||
@@ -308,15 +281,10 @@ int DHparams_print_fp(FILE *fp, DH *x)
|
||||
int DHparams_print(BIO *bp, DH *x)
|
||||
{
|
||||
unsigned char *m=NULL;
|
||||
int reason=ERR_R_BUF_LIB,ret=0;
|
||||
size_t buf_len=0, i;
|
||||
int reason=ERR_R_BUF_LIB,i,ret=0;
|
||||
|
||||
if (x->p)
|
||||
buf_len = (size_t)BN_num_bytes(x->p);
|
||||
if (x->g)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
|
||||
buf_len = i;
|
||||
m=(unsigned char *)OPENSSL_malloc(buf_len+10);
|
||||
i=BN_num_bytes(x->p);
|
||||
m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
|
||||
if (m == NULL)
|
||||
{
|
||||
reason=ERR_R_MALLOC_FAILURE;
|
||||
@@ -366,18 +334,10 @@ int DSAparams_print_fp(FILE *fp, DSA *x)
|
||||
int DSAparams_print(BIO *bp, DSA *x)
|
||||
{
|
||||
unsigned char *m=NULL;
|
||||
int reason=ERR_R_BUF_LIB,ret=0;
|
||||
size_t buf_len=0, i;
|
||||
int reason=ERR_R_BUF_LIB,i,ret=0;
|
||||
|
||||
if (x->p)
|
||||
buf_len = (size_t)BN_num_bytes(x->p);
|
||||
if (x->q)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
|
||||
buf_len = i;
|
||||
if (x->g)
|
||||
if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
|
||||
buf_len = i;
|
||||
m=(unsigned char *)OPENSSL_malloc(buf_len+10);
|
||||
i=BN_num_bytes(x->p);
|
||||
m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
|
||||
if (m == NULL)
|
||||
{
|
||||
reason=ERR_R_MALLOC_FAILURE;
|
||||
|
||||
@@ -349,8 +349,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
|
||||
ll=80-2-obase;
|
||||
|
||||
s=X509_NAME_oneline(name,buf,256);
|
||||
if (!*s)
|
||||
return 1;
|
||||
s++; /* skip the first slash */
|
||||
|
||||
l=ll;
|
||||
|
||||
@@ -71,14 +71,14 @@ int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp)
|
||||
|
||||
M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
|
||||
M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME);
|
||||
M_ASN1_I2D_len_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
|
||||
M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
|
||||
i2d_X509_EXTENSION);
|
||||
|
||||
M_ASN1_I2D_seq_total();
|
||||
|
||||
M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
|
||||
M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME);
|
||||
M_ASN1_I2D_put_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
|
||||
M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
|
||||
i2d_X509_EXTENSION);
|
||||
|
||||
M_ASN1_I2D_finish();
|
||||
@@ -121,7 +121,7 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
|
||||
{ M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); }
|
||||
M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
|
||||
i2d_X509_REVOKED);
|
||||
M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
|
||||
M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
|
||||
i2d_X509_EXTENSION,0,
|
||||
V_ASN1_SEQUENCE,v1);
|
||||
|
||||
@@ -138,7 +138,7 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
|
||||
{ M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); }
|
||||
M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
|
||||
i2d_X509_REVOKED);
|
||||
M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
|
||||
M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
|
||||
i2d_X509_EXTENSION,0,
|
||||
V_ASN1_SEQUENCE,v1);
|
||||
|
||||
@@ -260,7 +260,7 @@ X509_CRL_INFO *X509_CRL_INFO_new(void)
|
||||
M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new);
|
||||
ret->nextUpdate=NULL;
|
||||
M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null);
|
||||
ret->extensions = NULL;
|
||||
M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null);
|
||||
sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp);
|
||||
return(ret);
|
||||
M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
|
||||
|
||||
@@ -141,12 +141,10 @@ static int i2d_X509_NAME_entries(X509_NAME *a)
|
||||
}
|
||||
size+=i2d_X509_NAME_ENTRY(ne,NULL);
|
||||
}
|
||||
|
||||
ret+=ASN1_object_size(1,size,V_ASN1_SET);
|
||||
if (fe != NULL)
|
||||
{
|
||||
/* SET OF needed only if entries is non empty */
|
||||
ret+=ASN1_object_size(1,size,V_ASN1_SET);
|
||||
fe->size=size;
|
||||
}
|
||||
|
||||
r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
|
||||
|
||||
|
||||
@@ -156,7 +156,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
|
||||
dsa->write_params=0;
|
||||
ASN1_TYPE_free(a->parameter);
|
||||
i=i2d_DSAparams(dsa,NULL);
|
||||
if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
|
||||
p=(unsigned char *)OPENSSL_malloc(i);
|
||||
pp=p;
|
||||
i2d_DSAparams(dsa,&pp);
|
||||
a->parameter=ASN1_TYPE_new();
|
||||
@@ -234,7 +234,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
|
||||
a=key->algor;
|
||||
if (ret->type == EVP_PKEY_DSA)
|
||||
{
|
||||
if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
|
||||
if (a->parameter->type == V_ASN1_SEQUENCE)
|
||||
{
|
||||
ret->pkey.dsa->write_params=0;
|
||||
p=a->parameter->value.sequence->data;
|
||||
|
||||
@@ -44,8 +44,7 @@ all: lib
|
||||
|
||||
lib: $(LIBOBJ)
|
||||
$(AR) $(LIB) $(LIBOBJ)
|
||||
@echo You may get an error following this line. Please ignore.
|
||||
- $(RANLIB) $(LIB)
|
||||
$(RANLIB) $(LIB)
|
||||
@touch lib
|
||||
|
||||
# elf
|
||||
|
||||
@@ -27,13 +27,11 @@ LIBSRC= bio_lib.c bio_cb.c bio_err.c \
|
||||
bss_file.c bss_sock.c bss_conn.c \
|
||||
bf_null.c bf_buff.c b_print.c b_dump.c \
|
||||
b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
|
||||
# bf_lbuf.c
|
||||
LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
|
||||
bss_mem.o bss_null.o bss_fd.o \
|
||||
bss_file.o bss_sock.o bss_conn.o \
|
||||
bf_null.o bf_buff.o b_print.o b_dump.o \
|
||||
b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
|
||||
# bf_lbuf.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
@@ -49,8 +47,7 @@ all: lib
|
||||
|
||||
lib: $(LIBOBJ)
|
||||
$(AR) $(LIB) $(LIBOBJ)
|
||||
@echo You may get an error following this line. Please ignore.
|
||||
- $(RANLIB) $(LIB)
|
||||
$(RANLIB) $(LIB)
|
||||
@touch lib
|
||||
|
||||
files:
|
||||
@@ -96,13 +93,13 @@ b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
|
||||
b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||
b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
b_dump.o: ../cryptlib.h
|
||||
b_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
|
||||
b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
|
||||
b_print.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
|
||||
b_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
|
||||
b_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
|
||||
b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h
|
||||
b_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
|
||||
b_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
|
||||
b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
|
||||
b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
|
||||
b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
b_print.o: ../cryptlib.h
|
||||
b_sock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
|
||||
b_sock.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
|
||||
b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
|
||||
|
||||
@@ -56,13 +56,6 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
/* disable assert() unless BIO_DEBUG has been defined */
|
||||
#ifndef BIO_DEBUG
|
||||
# ifndef NDEBUG
|
||||
# define NDEBUG
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Stolen from tjh's ssl/ssl_trc.c stuff.
|
||||
*/
|
||||
@@ -76,7 +69,6 @@
|
||||
#ifndef NO_SYS_TYPES_H
|
||||
#include <sys/types.h>
|
||||
#endif
|
||||
#include <openssl/bn.h> /* To get BN_LLONG properly defined */
|
||||
#include <openssl/bio.h>
|
||||
|
||||
#ifdef BN_LLONG
|
||||
@@ -109,18 +101,14 @@
|
||||
* o ... (for OpenSSL)
|
||||
*/
|
||||
|
||||
#ifdef HAVE_LONG_DOUBLE
|
||||
#if HAVE_LONG_DOUBLE
|
||||
#define LDOUBLE long double
|
||||
#else
|
||||
#define LDOUBLE double
|
||||
#endif
|
||||
|
||||
#if HAVE_LONG_LONG
|
||||
# if defined(WIN32) && !defined(__GNUC__)
|
||||
# define LLONG _int64
|
||||
# else
|
||||
# define LLONG long long
|
||||
# endif
|
||||
#define LLONG long long
|
||||
#else
|
||||
#define LLONG long
|
||||
#endif
|
||||
@@ -163,7 +151,7 @@ static void _dopr(char **sbuffer, char **buffer,
|
||||
|
||||
/* some handy macros */
|
||||
#define char_to_int(p) (p - '0')
|
||||
#define OSSL_MAX(p,q) ((p >= q) ? p : q)
|
||||
#define MAX(p,q) ((p >= q) ? p : q)
|
||||
|
||||
static void
|
||||
_dopr(
|
||||
@@ -514,13 +502,13 @@ fmtint(
|
||||
convert[place] = 0;
|
||||
|
||||
zpadlen = max - place;
|
||||
spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
|
||||
spadlen = min - MAX(max, place) - (signvalue ? 1 : 0);
|
||||
if (zpadlen < 0)
|
||||
zpadlen = 0;
|
||||
if (spadlen < 0)
|
||||
spadlen = 0;
|
||||
if (flags & DP_F_ZERO) {
|
||||
zpadlen = OSSL_MAX(zpadlen, spadlen);
|
||||
zpadlen = MAX(zpadlen, spadlen);
|
||||
spadlen = 0;
|
||||
}
|
||||
if (flags & DP_F_MINUS)
|
||||
@@ -576,7 +564,7 @@ pow10(int exp)
|
||||
}
|
||||
|
||||
static long
|
||||
roundv(LDOUBLE value)
|
||||
round(LDOUBLE value)
|
||||
{
|
||||
long intpart;
|
||||
intpart = (long) value;
|
||||
@@ -628,7 +616,7 @@ fmtfp(
|
||||
|
||||
/* we "cheat" by converting the fractional part to integer by
|
||||
multiplying by a factor of 10 */
|
||||
fracpart = roundv((pow10(max)) * (ufvalue - intpart));
|
||||
fracpart = round((pow10(max)) * (ufvalue - intpart));
|
||||
|
||||
if (fracpart >= pow10(max)) {
|
||||
intpart++;
|
||||
@@ -652,7 +640,7 @@ fmtfp(
|
||||
(caps ? "0123456789ABCDEF"
|
||||
: "0123456789abcdef")[fracpart % 10];
|
||||
fracpart = (fracpart / 10);
|
||||
} while (fplace < max);
|
||||
} while (fracpart && (fplace < 20));
|
||||
if (fplace == 20)
|
||||
fplace--;
|
||||
fconvert[fplace] = 0;
|
||||
@@ -723,13 +711,12 @@ doapr_outch(
|
||||
if (buffer) {
|
||||
while (*currlen >= *maxlen) {
|
||||
if (*buffer == NULL) {
|
||||
assert(*sbuffer != NULL);
|
||||
if (*maxlen == 0)
|
||||
*maxlen = 1024;
|
||||
*buffer = OPENSSL_malloc(*maxlen);
|
||||
if (*currlen > 0) {
|
||||
assert(*sbuffer != NULL);
|
||||
if (*currlen > 0)
|
||||
memcpy(*buffer, *sbuffer, *currlen);
|
||||
}
|
||||
*sbuffer = NULL;
|
||||
} else {
|
||||
*maxlen += 1024;
|
||||
@@ -769,9 +756,7 @@ int BIO_vprintf (BIO *bio, const char *format, va_list args)
|
||||
{
|
||||
int ret;
|
||||
size_t retlen;
|
||||
char hugebuf[1024*2]; /* Was previously 10k, which is unreasonable
|
||||
in small-stack environments, like threads
|
||||
or DOS programs. */
|
||||
MS_STATIC char hugebuf[1024*10];
|
||||
char *hugebufp = hugebuf;
|
||||
size_t hugebufsize = sizeof(hugebuf);
|
||||
char *dynbuf = NULL;
|
||||
|
||||
@@ -72,9 +72,9 @@
|
||||
#endif
|
||||
|
||||
#ifdef SO_MAXCONN
|
||||
#define MAX_LISTEN SO_MAXCONN
|
||||
#elif defined(SOMAXCONN)
|
||||
#define MAX_LISTEN SOMAXCONN
|
||||
#elif defined(SO_MAXCONN)
|
||||
#define MAX_LISTEN SO_MAXCONN
|
||||
#else
|
||||
#define MAX_LISTEN 32
|
||||
#endif
|
||||
@@ -95,10 +95,8 @@ static struct ghbn_cache_st
|
||||
} ghbn_cache[GHBN_NUM];
|
||||
|
||||
static int get_ip(const char *str,unsigned char *ip);
|
||||
#if 0
|
||||
static void ghbn_free(struct hostent *a);
|
||||
static struct hostent *ghbn_dup(struct hostent *a);
|
||||
#endif
|
||||
int BIO_get_host_ip(const char *str, unsigned char *ip)
|
||||
{
|
||||
int i;
|
||||
@@ -115,8 +113,8 @@ int BIO_get_host_ip(const char *str, unsigned char *ip)
|
||||
|
||||
/* At this point, we have something that is most probably correct
|
||||
in some way, so let's init the socket. */
|
||||
if (BIO_sock_init() != 1)
|
||||
return 0; /* don't generate another error code here */
|
||||
if (!BIO_sock_init())
|
||||
return(0); /* don't generate another error code here */
|
||||
|
||||
/* If the string actually contained an IP address, we need not do
|
||||
anything more */
|
||||
@@ -268,7 +266,6 @@ long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
|
||||
return(1);
|
||||
}
|
||||
|
||||
#if 0
|
||||
static struct hostent *ghbn_dup(struct hostent *a)
|
||||
{
|
||||
struct hostent *ret;
|
||||
@@ -345,27 +342,21 @@ static void ghbn_free(struct hostent *a)
|
||||
if (a->h_name != NULL) OPENSSL_free(a->h_name);
|
||||
OPENSSL_free(a);
|
||||
}
|
||||
#endif
|
||||
|
||||
struct hostent *BIO_gethostbyname(const char *name)
|
||||
{
|
||||
#if 1
|
||||
/* Caching gethostbyname() results forever is wrong,
|
||||
* so we have to let the true gethostbyname() worry about this */
|
||||
return gethostbyname(name);
|
||||
#else
|
||||
struct hostent *ret;
|
||||
int i,lowi=0,j;
|
||||
unsigned long low= (unsigned long)-1;
|
||||
|
||||
/* return(gethostbyname(name)); */
|
||||
|
||||
# if 0
|
||||
/* It doesn't make sense to use locking here: The function interface
|
||||
* is not thread-safe, because threads can never be sure when
|
||||
* some other thread destroys the data they were given a pointer to.
|
||||
*/
|
||||
#if 0 /* It doesn't make sense to use locking here: The function interface
|
||||
* is not thread-safe, because threads can never be sure when
|
||||
* some other thread destroys the data they were given a pointer to.
|
||||
*/
|
||||
CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
|
||||
# endif
|
||||
#endif
|
||||
j=strlen(name);
|
||||
if (j < 128)
|
||||
{
|
||||
@@ -393,21 +384,20 @@ struct hostent *BIO_gethostbyname(const char *name)
|
||||
* parameter is 'char *', instead of 'const char *'
|
||||
*/
|
||||
ret=gethostbyname(
|
||||
# ifndef CONST_STRICT
|
||||
#ifndef CONST_STRICT
|
||||
(char *)
|
||||
# endif
|
||||
#endif
|
||||
name);
|
||||
|
||||
if (ret == NULL)
|
||||
goto end;
|
||||
if (j > 128) /* too big to cache */
|
||||
{
|
||||
# if 0
|
||||
/* If we were trying to make this function thread-safe (which
|
||||
* is bound to fail), we'd have to give up in this case
|
||||
* (or allocate more memory). */
|
||||
#if 0 /* If we were trying to make this function thread-safe (which
|
||||
* is bound to fail), we'd have to give up in this case
|
||||
* (or allocate more memory). */
|
||||
ret = NULL;
|
||||
# endif
|
||||
#endif
|
||||
goto end;
|
||||
}
|
||||
|
||||
@@ -431,14 +421,12 @@ struct hostent *BIO_gethostbyname(const char *name)
|
||||
ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
|
||||
}
|
||||
end:
|
||||
# if 0
|
||||
#if 0
|
||||
CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
|
||||
# endif
|
||||
return(ret);
|
||||
#endif
|
||||
return(ret);
|
||||
}
|
||||
|
||||
|
||||
int BIO_sock_init(void)
|
||||
{
|
||||
#ifdef WINDOWS
|
||||
@@ -531,15 +519,15 @@ int BIO_get_accept_socket(char *host, int bind_mode)
|
||||
{
|
||||
int ret=0;
|
||||
struct sockaddr_in server,client;
|
||||
int s=INVALID_SOCKET,cs;
|
||||
int s= -1,cs;
|
||||
unsigned char ip[4];
|
||||
unsigned short port;
|
||||
char *str=NULL,*e;
|
||||
char *str,*e;
|
||||
const char *h,*p;
|
||||
unsigned long l;
|
||||
int err_num;
|
||||
|
||||
if (BIO_sock_init() != 1) return(INVALID_SOCKET);
|
||||
if (!BIO_sock_init()) return(INVALID_SOCKET);
|
||||
|
||||
if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
|
||||
|
||||
@@ -565,7 +553,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
|
||||
h="*";
|
||||
}
|
||||
|
||||
if (!BIO_get_port(p,&port)) goto err;
|
||||
if (!BIO_get_port(p,&port)) return(INVALID_SOCKET);
|
||||
|
||||
memset((char *)&server,0,sizeof(server));
|
||||
server.sin_family=AF_INET;
|
||||
@@ -575,7 +563,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
|
||||
server.sin_addr.s_addr=INADDR_ANY;
|
||||
else
|
||||
{
|
||||
if (!BIO_get_host_ip(h,&(ip[0]))) goto err;
|
||||
if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET);
|
||||
l=(unsigned long)
|
||||
((unsigned long)ip[0]<<24L)|
|
||||
((unsigned long)ip[1]<<16L)|
|
||||
|
||||
@@ -70,7 +70,7 @@ static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int buffer_new(BIO *h);
|
||||
static int buffer_free(BIO *data);
|
||||
static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
|
||||
#define DEFAULT_BUFFER_SIZE 4096
|
||||
#define DEFAULT_BUFFER_SIZE 1024
|
||||
|
||||
static BIO_METHOD methods_buffer=
|
||||
{
|
||||
|
||||
@@ -1,397 +0,0 @@
|
||||
/* crypto/bio/bf_buff.c */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/evp.h>
|
||||
|
||||
static int linebuffer_write(BIO *h, const char *buf,int num);
|
||||
static int linebuffer_read(BIO *h, char *buf, int size);
|
||||
static int linebuffer_puts(BIO *h, const char *str);
|
||||
static int linebuffer_gets(BIO *h, char *str, int size);
|
||||
static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
|
||||
static int linebuffer_new(BIO *h);
|
||||
static int linebuffer_free(BIO *data);
|
||||
static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
|
||||
|
||||
/* A 10k maximum should be enough for most purposes */
|
||||
#define DEFAULT_LINEBUFFER_SIZE 1024*10
|
||||
|
||||
/* #define DEBUG */
|
||||
|
||||
static BIO_METHOD methods_linebuffer=
|
||||
{
|
||||
BIO_TYPE_LINEBUFFER,
|
||||
"linebuffer",
|
||||
linebuffer_write,
|
||||
linebuffer_read,
|
||||
linebuffer_puts,
|
||||
linebuffer_gets,
|
||||
linebuffer_ctrl,
|
||||
linebuffer_new,
|
||||
linebuffer_free,
|
||||
linebuffer_callback_ctrl,
|
||||
};
|
||||
|
||||
BIO_METHOD *BIO_f_linebuffer(void)
|
||||
{
|
||||
return(&methods_linebuffer);
|
||||
}
|
||||
|
||||
typedef struct bio_linebuffer_ctx_struct
|
||||
{
|
||||
char *obuf; /* the output char array */
|
||||
int obuf_size; /* how big is the output buffer */
|
||||
int obuf_len; /* how many bytes are in it */
|
||||
} BIO_LINEBUFFER_CTX;
|
||||
|
||||
static int linebuffer_new(BIO *bi)
|
||||
{
|
||||
BIO_LINEBUFFER_CTX *ctx;
|
||||
|
||||
ctx=(BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
|
||||
if (ctx == NULL) return(0);
|
||||
ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
|
||||
if (ctx->obuf == NULL) { OPENSSL_free(ctx); return(0); }
|
||||
ctx->obuf_size=DEFAULT_LINEBUFFER_SIZE;
|
||||
ctx->obuf_len=0;
|
||||
|
||||
bi->init=1;
|
||||
bi->ptr=(char *)ctx;
|
||||
bi->flags=0;
|
||||
return(1);
|
||||
}
|
||||
|
||||
static int linebuffer_free(BIO *a)
|
||||
{
|
||||
BIO_LINEBUFFER_CTX *b;
|
||||
|
||||
if (a == NULL) return(0);
|
||||
b=(BIO_LINEBUFFER_CTX *)a->ptr;
|
||||
if (b->obuf != NULL) OPENSSL_free(b->obuf);
|
||||
OPENSSL_free(a->ptr);
|
||||
a->ptr=NULL;
|
||||
a->init=0;
|
||||
a->flags=0;
|
||||
return(1);
|
||||
}
|
||||
|
||||
static int linebuffer_read(BIO *b, char *out, int outl)
|
||||
{
|
||||
int ret=0;
|
||||
|
||||
if (out == NULL) return(0);
|
||||
if (b->next_bio == NULL) return(0);
|
||||
ret=BIO_read(b->next_bio,out,outl);
|
||||
BIO_clear_retry_flags(b);
|
||||
BIO_copy_next_retry(b);
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static int linebuffer_write(BIO *b, const char *in, int inl)
|
||||
{
|
||||
int i,num=0,foundnl;
|
||||
BIO_LINEBUFFER_CTX *ctx;
|
||||
|
||||
if ((in == NULL) || (inl <= 0)) return(0);
|
||||
ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
|
||||
if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
|
||||
|
||||
BIO_clear_retry_flags(b);
|
||||
|
||||
do
|
||||
{
|
||||
const char *p;
|
||||
|
||||
for(p = in; p < in + inl && *p != '\n'; p++)
|
||||
;
|
||||
if (*p == '\n')
|
||||
{
|
||||
p++;
|
||||
foundnl = 1;
|
||||
}
|
||||
else
|
||||
foundnl = 0;
|
||||
|
||||
/* If a NL was found and we already have text in the save
|
||||
buffer, concatenate them and write */
|
||||
while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
|
||||
&& ctx->obuf_len > 0)
|
||||
{
|
||||
int orig_olen = ctx->obuf_len;
|
||||
|
||||
i = ctx->obuf_size - ctx->obuf_len;
|
||||
if (p - in > 0)
|
||||
{
|
||||
if (i >= p - in)
|
||||
{
|
||||
memcpy(&(ctx->obuf[ctx->obuf_len]),
|
||||
in,p - in);
|
||||
ctx->obuf_len += p - in;
|
||||
inl -= p - in;
|
||||
num += p - in;
|
||||
in = p;
|
||||
}
|
||||
else
|
||||
{
|
||||
memcpy(&(ctx->obuf[ctx->obuf_len]),
|
||||
in,i);
|
||||
ctx->obuf_len += i;
|
||||
inl -= i;
|
||||
in += i;
|
||||
num += i;
|
||||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
BIO_write(b->next_bio, "<*<", 3);
|
||||
#endif
|
||||
i=BIO_write(b->next_bio,
|
||||
ctx->obuf, ctx->obuf_len);
|
||||
if (i <= 0)
|
||||
{
|
||||
ctx->obuf_len = orig_olen;
|
||||
BIO_copy_next_retry(b);
|
||||
|
||||
#if 0
|
||||
BIO_write(b->next_bio, ">*>", 3);
|
||||
#endif
|
||||
if (i < 0) return((num > 0)?num:i);
|
||||
if (i == 0) return(num);
|
||||
}
|
||||
#if 0
|
||||
BIO_write(b->next_bio, ">*>", 3);
|
||||
#endif
|
||||
if (i < ctx->obuf_len)
|
||||
memmove(ctx->obuf, ctx->obuf + i,
|
||||
ctx->obuf_len - i);
|
||||
ctx->obuf_len-=i;
|
||||
}
|
||||
|
||||
/* Now that the save buffer is emptied, let's write the input
|
||||
buffer if a NL was found and there is anything to write. */
|
||||
if ((foundnl || p - in > ctx->obuf_size) && p - in > 0)
|
||||
{
|
||||
#if 0
|
||||
BIO_write(b->next_bio, "<*<", 3);
|
||||
#endif
|
||||
i=BIO_write(b->next_bio,in,p - in);
|
||||
if (i <= 0)
|
||||
{
|
||||
BIO_copy_next_retry(b);
|
||||
#if 0
|
||||
BIO_write(b->next_bio, ">*>", 3);
|
||||
#endif
|
||||
if (i < 0) return((num > 0)?num:i);
|
||||
if (i == 0) return(num);
|
||||
}
|
||||
#if 0
|
||||
BIO_write(b->next_bio, ">*>", 3);
|
||||
#endif
|
||||
num+=i;
|
||||
in+=i;
|
||||
inl-=i;
|
||||
}
|
||||
}
|
||||
while(foundnl && inl > 0);
|
||||
/* We've written as much as we can. The rest of the input buffer, if
|
||||
any, is text that doesn't and with a NL and therefore needs to be
|
||||
saved for the next trip. */
|
||||
if (inl > 0)
|
||||
{
|
||||
memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
|
||||
ctx->obuf_len += inl;
|
||||
num += inl;
|
||||
}
|
||||
return num;
|
||||
}
|
||||
|
||||
static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
{
|
||||
BIO *dbio;
|
||||
BIO_LINEBUFFER_CTX *ctx;
|
||||
long ret=1;
|
||||
char *p;
|
||||
int r;
|
||||
int obs;
|
||||
|
||||
ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
|
||||
|
||||
switch (cmd)
|
||||
{
|
||||
case BIO_CTRL_RESET:
|
||||
ctx->obuf_len=0;
|
||||
if (b->next_bio == NULL) return(0);
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
break;
|
||||
case BIO_CTRL_INFO:
|
||||
ret=(long)ctx->obuf_len;
|
||||
break;
|
||||
case BIO_CTRL_WPENDING:
|
||||
ret=(long)ctx->obuf_len;
|
||||
if (ret == 0)
|
||||
{
|
||||
if (b->next_bio == NULL) return(0);
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
}
|
||||
break;
|
||||
case BIO_C_SET_BUFF_SIZE:
|
||||
obs=(int)num;
|
||||
p=ctx->obuf;
|
||||
if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size))
|
||||
{
|
||||
p=(char *)OPENSSL_malloc((int)num);
|
||||
if (p == NULL)
|
||||
goto malloc_error;
|
||||
}
|
||||
if (ctx->obuf != p)
|
||||
{
|
||||
if (ctx->obuf_len > obs)
|
||||
{
|
||||
ctx->obuf_len = obs;
|
||||
}
|
||||
memcpy(p, ctx->obuf, ctx->obuf_len);
|
||||
OPENSSL_free(ctx->obuf);
|
||||
ctx->obuf=p;
|
||||
ctx->obuf_size=obs;
|
||||
}
|
||||
break;
|
||||
case BIO_C_DO_STATE_MACHINE:
|
||||
if (b->next_bio == NULL) return(0);
|
||||
BIO_clear_retry_flags(b);
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
BIO_copy_next_retry(b);
|
||||
break;
|
||||
|
||||
case BIO_CTRL_FLUSH:
|
||||
if (b->next_bio == NULL) return(0);
|
||||
if (ctx->obuf_len <= 0)
|
||||
{
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
break;
|
||||
}
|
||||
|
||||
for (;;)
|
||||
{
|
||||
BIO_clear_retry_flags(b);
|
||||
if (ctx->obuf_len > 0)
|
||||
{
|
||||
r=BIO_write(b->next_bio,
|
||||
ctx->obuf, ctx->obuf_len);
|
||||
#if 0
|
||||
fprintf(stderr,"FLUSH %3d -> %3d\n",ctx->obuf_len,r);
|
||||
#endif
|
||||
BIO_copy_next_retry(b);
|
||||
if (r <= 0) return((long)r);
|
||||
if (r < ctx->obuf_len)
|
||||
memmove(ctx->obuf, ctx->obuf + r,
|
||||
ctx->obuf_len - r);
|
||||
ctx->obuf_len-=r;
|
||||
}
|
||||
else
|
||||
{
|
||||
ctx->obuf_len=0;
|
||||
ret=1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
break;
|
||||
case BIO_CTRL_DUP:
|
||||
dbio=(BIO *)ptr;
|
||||
if ( !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
|
||||
ret=0;
|
||||
break;
|
||||
default:
|
||||
if (b->next_bio == NULL) return(0);
|
||||
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
|
||||
break;
|
||||
}
|
||||
return(ret);
|
||||
malloc_error:
|
||||
BIOerr(BIO_F_LINEBUFFER_CTRL,ERR_R_MALLOC_FAILURE);
|
||||
return(0);
|
||||
}
|
||||
|
||||
static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
|
||||
{
|
||||
long ret=1;
|
||||
|
||||
if (b->next_bio == NULL) return(0);
|
||||
switch (cmd)
|
||||
{
|
||||
default:
|
||||
ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
|
||||
break;
|
||||
}
|
||||
return(ret);
|
||||
}
|
||||
|
||||
static int linebuffer_gets(BIO *b, char *buf, int size)
|
||||
{
|
||||
if (b->next_bio == NULL) return(0);
|
||||
return(BIO_gets(b->next_bio,buf,size));
|
||||
}
|
||||
|
||||
static int linebuffer_puts(BIO *b, const char *str)
|
||||
{
|
||||
return(linebuffer_write(b,str,strlen(str)));
|
||||
}
|
||||
|
||||
@@ -104,7 +104,7 @@ static int nbiof_new(BIO *bi)
|
||||
{
|
||||
NBIO_TEST *nt;
|
||||
|
||||
if (!(nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)))) return(0);
|
||||
nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST));
|
||||
nt->lrn= -1;
|
||||
nt->lwn= -1;
|
||||
bi->ptr=(char *)nt;
|
||||
|
||||
@@ -91,7 +91,6 @@ extern "C" {
|
||||
#define BIO_TYPE_NULL_FILTER (17|0x0200)
|
||||
#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */
|
||||
#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
|
||||
#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
|
||||
|
||||
#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
|
||||
#define BIO_TYPE_FILTER 0x0200
|
||||
@@ -356,8 +355,8 @@ typedef struct bio_f_buffer_ctx_struct
|
||||
#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
|
||||
#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||
#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||
#define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
|
||||
#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3)
|
||||
#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2)
|
||||
#define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port)
|
||||
|
||||
|
||||
#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||
@@ -431,7 +430,7 @@ int BIO_read_filename(BIO *b,const char *name);
|
||||
#define BIO_set_ssl_renegotiate_bytes(b,num) \
|
||||
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
|
||||
#define BIO_get_num_renegotiates(b) \
|
||||
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
|
||||
BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
|
||||
#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
|
||||
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
|
||||
|
||||
@@ -475,7 +474,6 @@ size_t BIO_ctrl_wpending(BIO *b);
|
||||
#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
|
||||
#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
|
||||
#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
|
||||
#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
|
||||
/* macros with inappropriate type -- but ...pending macros use int too: */
|
||||
#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
|
||||
#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
|
||||
@@ -555,9 +553,6 @@ BIO_METHOD *BIO_s_bio(void);
|
||||
BIO_METHOD *BIO_s_null(void);
|
||||
BIO_METHOD *BIO_f_null(void);
|
||||
BIO_METHOD *BIO_f_buffer(void);
|
||||
#ifdef VMS
|
||||
BIO_METHOD *BIO_f_linebuffer(void);
|
||||
#endif
|
||||
BIO_METHOD *BIO_f_nbio_test(void);
|
||||
/* BIO_METHOD *BIO_f_ber(void); */
|
||||
|
||||
@@ -588,6 +583,8 @@ int BIO_sock_init(void );
|
||||
void BIO_sock_cleanup(void);
|
||||
int BIO_set_tcp_ndelay(int sock,int turn_on);
|
||||
|
||||
void ERR_load_BIO_strings(void );
|
||||
|
||||
BIO *BIO_new_socket(int sock, int close_flag);
|
||||
BIO *BIO_new_fd(int fd, int close_flag);
|
||||
BIO *BIO_new_connect(char *host_port);
|
||||
@@ -613,7 +610,6 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_BIO_strings(void);
|
||||
|
||||
/* Error codes for the BIO functions. */
|
||||
|
||||
@@ -643,7 +639,6 @@ void ERR_load_BIO_strings(void);
|
||||
#define BIO_F_CONN_CTRL 127
|
||||
#define BIO_F_CONN_STATE 115
|
||||
#define BIO_F_FILE_CTRL 116
|
||||
#define BIO_F_LINEBUFFER_CTRL 129
|
||||
#define BIO_F_MEM_READ 128
|
||||
#define BIO_F_MEM_WRITE 117
|
||||
#define BIO_F_SSL_NEW 118
|
||||
@@ -683,3 +678,4 @@ void ERR_load_BIO_strings(void);
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
@@ -91,7 +91,6 @@ static ERR_STRING_DATA BIO_str_functs[]=
|
||||
{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"},
|
||||
{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
|
||||
{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
|
||||
{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"},
|
||||
{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"},
|
||||
{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
|
||||
{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_new"},
|
||||
|
||||
@@ -7,18 +7,9 @@
|
||||
* for which no specific BIO method is available.
|
||||
* See ssl/ssltest.c for some hints on how this can be used. */
|
||||
|
||||
/* BIO_DEBUG implies BIO_PAIR_DEBUG */
|
||||
#ifdef BIO_DEBUG
|
||||
# ifndef BIO_PAIR_DEBUG
|
||||
# define BIO_PAIR_DEBUG
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* disable assert() unless BIO_PAIR_DEBUG has been defined */
|
||||
#ifndef BIO_PAIR_DEBUG
|
||||
# ifndef NDEBUG
|
||||
# define NDEBUG
|
||||
# endif
|
||||
# undef NDEBUG /* avoid conflicting definitions */
|
||||
# define NDEBUG
|
||||
#endif
|
||||
|
||||
#include <assert.h>
|
||||
@@ -32,12 +23,7 @@
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#include "openssl/e_os.h"
|
||||
|
||||
/* VxWorks defines SSiZE_MAX with an empty value causing compile errors */
|
||||
#if defined(VXWORKS)
|
||||
# undef SSIZE_MAX
|
||||
# define SSIZE_MAX INT_MAX
|
||||
#elif !defined(SSIZE_MAX)
|
||||
#ifndef SSIZE_MAX
|
||||
# define SSIZE_MAX INT_MAX
|
||||
#endif
|
||||
|
||||
@@ -488,8 +474,7 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
||||
break;
|
||||
|
||||
case BIO_C_GET_WRITE_BUF_SIZE:
|
||||
ret = (long) b->size;
|
||||
break;
|
||||
num = (long) b->size;
|
||||
|
||||
case BIO_C_MAKE_BIO_PAIR:
|
||||
{
|
||||
|
||||
@@ -236,7 +236,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
|
||||
}
|
||||
c->state=BIO_CONN_S_CONNECT;
|
||||
|
||||
#if defined(SO_KEEPALIVE) && !defined(MPE)
|
||||
#ifdef SO_KEEPALIVE
|
||||
i=1;
|
||||
i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
||||
if (i < 0)
|
||||
|
||||
@@ -75,7 +75,7 @@
|
||||
# include <starlet.h>
|
||||
#elif defined(__ultrix)
|
||||
# include <sys/syslog.h>
|
||||
#elif !defined(MSDOS) && !defined(VXWORKS) /* Unix */
|
||||
#elif !defined(MSDOS) /* Unix */
|
||||
# include <syslog.h>
|
||||
#endif
|
||||
|
||||
|
||||
@@ -68,8 +68,7 @@ bnbug: bnbug.c ../../libcrypto.a top
|
||||
|
||||
lib: $(LIBOBJ)
|
||||
$(AR) $(LIB) $(LIBOBJ)
|
||||
@echo You may get an error following this line. Please ignore.
|
||||
- $(RANLIB) $(LIB)
|
||||
$(RANLIB) $(LIB)
|
||||
@touch lib
|
||||
|
||||
# elf
|
||||
@@ -124,8 +123,6 @@ asm/sparcv8plus-gcc27.o: asm/sparcv8plus.S
|
||||
$(CC) $(ASFLAGS) -E asm/sparcv8plus.S | \
|
||||
/usr/ccs/bin/as -xarch=v8plus - -o asm/sparcv8plus-gcc27.o
|
||||
|
||||
asm/ia64.o: asm/ia64.S
|
||||
|
||||
files:
|
||||
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
|
||||
|
||||
|
||||
@@ -15,9 +15,9 @@ On the 2 alpha C compilers I had access to, it was not possible to do
|
||||
were 64 bits). So the hand assember gives access to the 128 bit result and
|
||||
a 2 times speedup :-).
|
||||
|
||||
There are 3 versions of assember for the HP PA-RISC.
|
||||
|
||||
pa-risc.s is the origional one which works fine and generated using gcc :-)
|
||||
|
||||
pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
|
||||
by Chris Ruemmler from HP (with some help from the HP C compiler).
|
||||
There are 2 versions of assember for the HP PA-RISC.
|
||||
pa-risc.s is the origional one which works fine.
|
||||
pa-risc2.s is a new version that often generates warnings but if the
|
||||
tests pass, it gives performance that is over 2 times faster than
|
||||
pa-risc.s.
|
||||
Both were generated using gcc :-)
|
||||
|
||||
1498
crypto/bn/asm/ia64.S
1498
crypto/bn/asm/ia64.S
File diff suppressed because it is too large
Load Diff
@@ -1,5 +1,5 @@
|
||||
.rdata
|
||||
.asciiz "mips3.s, Version 1.1"
|
||||
.asciiz "mips3.s, Version 1.0"
|
||||
.asciiz "MIPS III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
|
||||
|
||||
/*
|
||||
@@ -586,13 +586,13 @@ LEAF(bn_div_3_words)
|
||||
ld a0,(a3)
|
||||
move ta2,a1
|
||||
ld a1,-8(a3)
|
||||
bne a0,a2,.L_bn_div_3_words_proceed
|
||||
li v0,-1
|
||||
jr ra
|
||||
.L_bn_div_3_words_proceed:
|
||||
move ta3,ra
|
||||
move v1,zero
|
||||
li v0,-1
|
||||
beq a0,a2,.L_bn_div_3_words_skip_div
|
||||
bal bn_div_words
|
||||
move ra,ta3
|
||||
.L_bn_div_3_words_skip_div:
|
||||
dmultu ta2,v0
|
||||
ld t2,-16(a3)
|
||||
move ta0,zero
|
||||
@@ -849,7 +849,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -857,8 +856,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -886,7 +884,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_3,b_1 /* mul_add_c(a[3],b[1],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -894,8 +891,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -932,7 +928,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_1,b_4 /* mul_add_c(a[1],b[4],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -940,8 +935,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_2,b_3 /* mul_add_c(a[2],b[3],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -987,7 +981,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_5,b_1 /* mul_add_c(a[5],b[1],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -995,8 +988,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_4,b_2 /* mul_add_c(a[4],b[2],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1051,7 +1043,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_1,b_6 /* mul_add_c(a[1],b[6],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1059,8 +1050,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_2,b_5 /* mul_add_c(a[2],b[5],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1124,7 +1114,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_6,b_2 /* mul_add_c(a[6],b[2],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1132,8 +1121,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_5,b_3 /* mul_add_c(a[5],b[3],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1188,7 +1176,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_3,b_6 /* mul_add_c(a[3],b[6],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1196,8 +1183,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_4,b_5 /* mul_add_c(a[4],b[5],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1243,7 +1229,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_6,b_4 /* mul_add_c(a[6],b[4],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1251,8 +1236,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_5,b_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1289,7 +1273,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_5,b_6 /* mul_add_c(a[5],b[6],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1297,8 +1280,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_6,b_5 /* mul_add_c(a[6],b[5],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1326,7 +1308,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_6,b_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1334,8 +1315,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_5,b_7 /* mul_add_c(a[5],b[7],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1354,7 +1334,6 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_7,b_6 /* mul_add_c(a[7],b[6],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1362,8 +1341,7 @@ LEAF(bn_mul_comba8)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
sd c_2,104(a0) /* r[13]=c2; */
|
||||
|
||||
dmultu a_7,b_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
|
||||
@@ -1452,7 +1430,6 @@ LEAF(bn_mul_comba4)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_1,b_2 /* mul_add_c(a[1],b[2],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1460,8 +1437,7 @@ LEAF(bn_mul_comba4)
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_2,b_1 /* mul_add_c(a[2],b[1],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1489,7 +1465,6 @@ LEAF(bn_mul_comba4)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_2,b_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1497,8 +1472,7 @@ LEAF(bn_mul_comba4)
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_1,b_3 /* mul_add_c(a[1],b[3],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1517,7 +1491,6 @@ LEAF(bn_mul_comba4)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_3,b_2 /* mul_add_c(a[3],b[2],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1525,8 +1498,7 @@ LEAF(bn_mul_comba4)
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
sd c_3,40(a0)
|
||||
|
||||
dmultu a_3,b_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
|
||||
@@ -1571,30 +1543,28 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu c_3,t_2,AT
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
sd c_2,8(a0)
|
||||
|
||||
dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_2,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -1609,26 +1579,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_3,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_1,a_2 /* mul_add_c2(a[1],b[2],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
sltu AT,c_2,a2
|
||||
daddu c_3,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1640,26 +1608,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_4,a_0 /* mul_add_c2(a[4],b[0],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
sltu AT,c_3,a2
|
||||
daddu c_1,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1680,26 +1646,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_0,a_5 /* mul_add_c2(a[0],b[5],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_2,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_1,a_4 /* mul_add_c2(a[1],b[4],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
sltu AT,c_1,a2
|
||||
daddu c_2,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1709,12 +1673,12 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
sltu AT,c_1,a2
|
||||
daddu c_2,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1726,26 +1690,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_6,a_0 /* mul_add_c2(a[6],b[0],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_3,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_5,a_1 /* mul_add_c2(a[5],b[1],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
sltu AT,c_2,a2
|
||||
daddu c_3,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1755,12 +1717,12 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_4,a_2 /* mul_add_c2(a[4],b[2],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
sltu AT,c_2,a2
|
||||
daddu c_3,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1781,26 +1743,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_0,a_7 /* mul_add_c2(a[0],b[7],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_1,a_6 /* mul_add_c2(a[1],b[6],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
sltu AT,c_3,a2
|
||||
daddu c_1,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1810,12 +1770,12 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_2,a_5 /* mul_add_c2(a[2],b[5],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
sltu AT,c_3,a2
|
||||
daddu c_1,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1825,12 +1785,12 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_3,a_4 /* mul_add_c2(a[3],b[4],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
sltu AT,c_3,a2
|
||||
daddu c_1,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1842,26 +1802,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_7,a_1 /* mul_add_c2(a[7],b[1],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_2,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_6,a_2 /* mul_add_c2(a[6],b[2],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
sltu AT,c_1,a2
|
||||
daddu c_2,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1871,12 +1829,12 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_5,a_3 /* mul_add_c2(a[5],b[3],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
sltu AT,c_1,a2
|
||||
daddu c_2,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1897,26 +1855,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_2,a_7 /* mul_add_c2(a[2],b[7],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_3,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_3,a_6 /* mul_add_c2(a[3],b[6],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
sltu AT,c_2,a2
|
||||
daddu c_3,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1926,12 +1882,12 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_4,a_5 /* mul_add_c2(a[4],b[5],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
sltu AT,c_2,a2
|
||||
daddu c_3,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1943,26 +1899,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_7,a_3 /* mul_add_c2(a[7],b[3],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_6,a_4 /* mul_add_c2(a[6],b[4],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
sltu AT,c_3,a2
|
||||
daddu c_1,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
@@ -1983,26 +1937,24 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_4,a_7 /* mul_add_c2(a[4],b[7],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_2,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_5,a_6 /* mul_add_c2(a[5],b[6],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
sltu AT,c_1,a2
|
||||
daddu c_2,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
@@ -2014,17 +1966,15 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_7,a_5 /* mul_add_c2(a[7],b[5],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_3,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_6,a_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -2039,17 +1989,15 @@ LEAF(bn_sqr_comba8)
|
||||
dmultu a_6,a_7 /* mul_add_c2(a[6],b[7],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
sd c_2,104(a0)
|
||||
|
||||
dmultu a_7,a_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
|
||||
@@ -2080,30 +2028,28 @@ LEAF(bn_sqr_comba4)
|
||||
dmultu a_0,a_1 /* mul_add_c2(a[0],b[1],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu c_3,t_2,AT
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu c_1,c_3,t_2
|
||||
sd c_2,8(a0)
|
||||
|
||||
dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_2,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -2118,26 +2064,24 @@ LEAF(bn_sqr_comba4)
|
||||
dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_3,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_2,t_2
|
||||
sltu AT,c_2,t_2
|
||||
daddu c_3,AT
|
||||
sltu c_3,c_2,t_2
|
||||
dmultu a_1,a_2 /* mul_add_c(a2[1],b[2],c1,c2,c3); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt AT,t_2,zero
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_2,a2
|
||||
sltu AT,c_2,a2
|
||||
daddu c_3,AT
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_1,t_1
|
||||
sltu AT,c_1,t_1
|
||||
daddu t_2,AT
|
||||
@@ -2149,17 +2093,15 @@ LEAF(bn_sqr_comba4)
|
||||
dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_1,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_3,a2
|
||||
daddu c_2,t_1
|
||||
sltu AT,c_2,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_3,t_2
|
||||
sltu AT,c_3,t_2
|
||||
daddu c_1,AT
|
||||
sltu c_1,c_3,t_2
|
||||
dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
@@ -2174,17 +2116,15 @@ LEAF(bn_sqr_comba4)
|
||||
dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
|
||||
mflo t_1
|
||||
mfhi t_2
|
||||
slt c_2,t_2,zero
|
||||
dsll t_2,1
|
||||
slt a2,t_1,zero
|
||||
daddu t_2,a2
|
||||
dsll t_1,1
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu a2,t_2,AT
|
||||
daddu c_1,a2
|
||||
daddu c_3,t_1
|
||||
sltu AT,c_3,t_1
|
||||
daddu t_2,AT
|
||||
daddu c_1,t_2
|
||||
sltu AT,c_1,t_2
|
||||
daddu c_2,AT
|
||||
sltu c_2,c_1,t_2
|
||||
sd c_3,40(a0)
|
||||
|
||||
dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user