my $safe_stack_def = 0;
my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB",
+ "OPENSSL_FIPS", "OPENSSL_FIPSCAPABLE" );
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"SHA256", "SHA512", "RIPEMD",
"MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
"HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+ # EC_NISTP_64_GCC_128
+ "EC_NISTP_64_GCC_128",
# Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
# RFC3779
"RFC3779",
# TLS
- "TLSEXT", "PSK", "SRP",
+ "TLSEXT", "PSK", "SRP", "HEARTBEATS",
# CMS
"CMS",
# CryptoAPI Engine
"CAPIENG",
- # SSL v2
- "SSL2",
+ # SSL v3 method
+ "SSL3_METHOD",
# JPAKE
"JPAKE",
# NEXTPROTONEG
"NEXTPROTONEG",
# Deprecated functions
- "DEPRECATED" );
+ "DEPRECATED",
+ # Hide SSL internals
+ "SSL_INTERN",
+ # SCTP
+ "SCTP",
+ # SRTP
+ "SRTP",
+ # SSL TRACE
+ "SSL_TRACE",
+ # Unit testing
+ "UNIT_TEST");
my $options="";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake; my $no_ssl2; my $no_ec2m; my $no_nextprotoneg;
-my $no_srp;
+my $no_jpake; my $no_srp; my $no_ec2m; my $no_nistp_gcc;
+my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;
+my $no_unit_test; my $no_ssl3_method;
my $fips;
elsif (/^no-tlsext$/) { $no_tlsext=1; }
elsif (/^no-cms$/) { $no_cms=1; }
elsif (/^no-ec2m$/) { $no_ec2m=1; }
+ elsif (/^no-ec-nistp224-64-gcc-128$/) { $no_nistp_gcc=1; }
elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
- elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
+ elsif (/^no-ssl-trace$/) { $no_ssl_trace=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
elsif (/^no-srp$/) { $no_srp=1; }
+ elsif (/^no-sctp$/) { $no_sctp=1; }
+ elsif (/^no-srtp$/) { $no_srtp=1; }
+ elsif (/^no-unit-test$/){ $no_unit_test=1; }
}
my $ssl="ssl/ssl.h";
$ssl.=" ssl/kssl.h";
$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
$crypto.=" crypto/o_dir.h";
$crypto.=" crypto/o_str.h";
-$crypto.=" crypto/o_time.h";
$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
+$crypto.=" crypto/cmac/cmac.h" ;
$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
$crypto.=" crypto/jpake/jpake.h";
$crypto.=" crypto/srp/srp.h";
$crypto.=" crypto/modes/modes.h";
-$crypto.=" fips/fips.h fips/rand/fips_rand.h";
my $symhacks="crypto/symhacks.h";
$def .= "int PEM_write_bio_$1(void);";
next;
} elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ ||
+ /^DECLARE_PEM_write_const\s*\(\s*(\w*)\s*,/ ||
/^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) {
# Things not in Win16
$def .=
if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
return 1;
}
+ if ($keyword eq "OPENSSL_FIPSCAPABLE") {
+ return 0;
+ }
if ($keyword eq "OPENSSL_FIPS" && $fips) {
return 1;
}
if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
if ($keyword eq "PSK" && $no_psk) { return 0; }
if ($keyword eq "CMS" && $no_cms) { return 0; }
+ if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+ { return 0; }
if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
- if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+ if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
+ if ($keyword eq "SSL_TRACE" && $no_ssl_trace) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
if ($keyword eq "SRP" && $no_srp) { return 0; }
+ if ($keyword eq "SCTP" && $no_sctp) { return 0; }
+ if ($keyword eq "SRTP" && $no_srtp) { return 0; }
+ if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
# Nothing recognise as true
next if defined($rsyms{$sym});
die "ERROR: Symbol $sym had no info attached to it."
if $i eq "";
+ next if $i =~ /OPENSSL_FIPSCAPABLE/;
if (!exists $nums{$s}) {
$new_syms++;
my $s2 = $s;