}
- if (crlnumberfile != NULL) /* we have a CRL number that need updating */
+ /* we have a CRL number that need updating */
+ if (crlnumberfile != NULL)
if (!save_serial(crlnumberfile,"new",crlnumber,NULL)) goto err;
if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
*/
static char *md5crypt(const char *passwd, const char *magic, const char *salt)
{
- static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
+ /* "$apr1$..salt..$.......md5hash..........\0" */
+ static char out_buf[6 + 9 + 24 + 2];
unsigned char buf[MD5_DIGEST_LENGTH];
char *salt_out;
int n;
* Hudson (tjh@cryptsoft.com).
*
*/
-#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */
+/* conflicts with winsock2 stuff on netware */
+#if !defined(OPENSSL_SYS_NETWARE)
#include <sys/types.h>
#endif
#include <openssl/opensslconf.h>
#define APPS_WIN16
#endif
-#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */
+/* conflicts with winsock2 stuff on netware */
+#if !defined(OPENSSL_SYS_NETWARE)
#include <sys/types.h>
#endif
return 0;
b->peer = NULL;
- b->size = 17*1024; /* enough for one TLS record (just a default) */
+ /* enough for one TLS record (just a default) */
+ b->size = 17*1024;
b->buf = NULL;
bio->ptr = b;
/*************************************************************************/
struct io_status { short status, count; long flags; };
-struct rpc_msg { /* Should have member alignment inhibited */
- char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
- char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
- unsigned short int length; /* Amount of data returned or max to return */
- char data[4092]; /* variable data */
+/* Should have member alignment inhibited */
+struct rpc_msg {
+ /* 'A'-app data. 'R'-remote client 'G'-global */
+ char channel;
+ /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ char function;
+ /* Amount of data returned or max to return */
+ unsigned short int length;
+ /* variable data */
+ char data[4092];
};
#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
}
+ /*
+ * workaround for ultrix cc: without 'case 0', the optimizer does
+ * the switch table by doing a=top&3; a--; goto jump_table[a];
+ * which fails for top== 0
+ */
switch (b->top&3)
{
case 3: A[2]=B[2];
case 1: A[0]=B[0];
case 0:
;
- /*
- * workaround for ultrix cc: without 'case 0', the optimizer does
- * the switch table by doing a=top&3; a--; goto jump_table[a];
- * which fails for top== 0
- */
}
}
a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
}
+ /* ultrix cc workaround, see comments in bn_expand_internal */
switch (b->top&3)
{
case 3: A[2]=B[2];
case 2: A[1]=B[1];
case 1: A[0]=B[0];
- case 0: ; /* ultrix cc workaround, see comments in bn_expand_internal */
+ case 0: ;
}
#else
memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
struct crypto_ex_data_st
{
STACK *sk;
- int dummy; /* gcc is screwing up this data structure :-( */
+ /* gcc is screwing up this data structure :-( */
+ int dummy;
};
/* This stuff is basically class callback functions
#define DES_version OSSL_DES_version
#define libdes_version OSSL_libdes_version
-OPENSSL_EXTERN const char OSSL_DES_version[]; /* SSLeay version string */
-OPENSSL_EXTERN const char OSSL_libdes_version[]; /* old libdes version string */
+/* SSLeay version string */
+OPENSSL_EXTERN const char OSSL_DES_version[];
+/* old libdes version string */
+OPENSSL_EXTERN const char OSSL_libdes_version[];
#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
#define DSA_FLAG_CACHE_MONT_P 0x01
-#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
+/* new with 0.9.7h; the
+ * built-in DSA
+ * implementation now
+ * uses constant time
+ * modular exponentiation
+ * for secret exponents
+ * by default. This flag
+ * causes the faster
+ * variable sliding
+ * window method to be
+ * used for all
+ * exponents.
+ */
+#define DSA_FLAG_NO_EXP_CONSTTIME 0x02
/* If this flag is set the DSA method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* holds CRYPTO_LOCK_RAND
* (to prevent double locking) */
/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
+/* valid iff crypto_lock_rand is set */
+static unsigned long locking_thread = 0;
#ifdef PREDICT
for (i=0; i<MD_DIGEST_LENGTH/2; i++)
{
- state[st_idx++]^=local_md[i]; /* may compete with other threads */
+ /* may compete with other threads */
+ state[st_idx++]^=local_md[i];
if (st_idx >= st_num)
st_idx=0;
if (i < j)
#error SEED is disabled.
#endif
-#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
+/* look whether we need 'long' to get 32 bits */
+#ifdef AES_LONG
# ifndef SEED_LONG
# define SEED_LONG 1
# endif
} PBE2PARAM;
typedef struct PBKDF2PARAM_st {
-ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
+/* Usually OCTET STRING but could be anything */
+ASN1_TYPE *salt;
ASN1_INTEGER *iter;
ASN1_INTEGER *keylength;
X509_ALGOR *prf;
typedef struct pkcs8_priv_key_info_st
{
- int broken; /* Flag for various broken formats */
+ /* Flag for various broken formats */
+ int broken;
#define PKCS8_OK 0
#define PKCS8_NO_OCTET 1
#define PKCS8_EMBEDDED_PARAM 2
#define PKCS8_NS_DB 3
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
- ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
+ /* Should be OCTET STRING but some are broken */
+ ASN1_TYPE *pkey;
STACK_OF(X509_ATTRIBUTE) *attributes;
} PKCS8_PRIV_KEY_INFO;
#endif /* ENGINE_DYNAMIC_SUPPORT */\r
\r
\r
-#endif /* !OPENSSL_NO_HW_IBMCA */\r
+#endif /* !OPENSSL_NO_HW_IBMCA */
#endif /* !OPENSSL_NO_HW */
static DSO *hwcrhk_dso = NULL;
static HWCryptoHook_ContextHandle hwcrhk_context = 0;
#ifndef OPENSSL_NO_RSA
-static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */
+/* Index for KM handle. Not really used yet. */
+static int hndidx_rsa = -1;
#endif
/* These are the function pointers that are (un)set when the library has
* implicitly. */
static DSO *surewarehk_dso = NULL;
#ifndef OPENSSL_NO_RSA
-static int rsaHndidx = -1; /* Index for KM handle. Not really used yet. */
+/* Index for KM handle. Not really used yet. */
+static int rsaHndidx = -1;
#endif
#ifndef OPENSSL_NO_DSA
-static int dsaHndidx = -1; /* Index for KM handle. Not really used yet. */
+/* Index for KM handle. Not really used yet. */
+static int dsaHndidx = -1;
#endif
/* These are the function pointers that are (un)set when the library has
goto err;
}
- if (p_UBSEC_dsa_sign_ioctl(fd, 0, /* compute hash before signing */
+ if (p_UBSEC_dsa_sign_ioctl(fd,
+ /* compute hash before signing */
+ 0,
(unsigned char *)dgst, d_len,
- NULL, 0, /* compute random value */
+ NULL,
+ /* compute random value */
+ 0,
(unsigned char *)dsa->p->d, BN_num_bits(dsa->p),
(unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
(unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
princ,
- 0 /* IGNORE_VNO */,
- 0 /* IGNORE_ENCTYPE */,
+ /* IGNORE_VNO */
+ 0,
+ /* IGNORE_ENCTYPE */
+ 0,
&entry);
if ( krb5rc == KRB5_KT_NOTFOUND ) {
rc = 1;
krb5_free_data_contents(NULL, data);
#endif
}
-#endif /* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
+#endif
+/* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
/* Given pointers to KerberosTime and struct tm structs, convert the
* the workaround is not needed. Unfortunately some broken SSL/TLS
* implementations cannot handle it at all, which is why we include
* it in SSL_OP_ALL. */
-#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in 0.9.6e */
+/* added in 0.9.6e */
+#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
* This used to be 0x000FFFFFL before 0.9.7. */
#define SSL_AD_REASON_OFFSET 1000
/* These alert types are for SSLv3 and TLSv1 */
#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
-#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
-#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
+/* fatal */
+#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE
+/* fatal */
+#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC
#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
-#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
-#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
-#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
+/* fatal */
+#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE
+/* fatal */
+#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE
+/* Not for TLS */
+#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE
#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
-#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
-#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
-#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
-#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
+/* fatal */
+#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER
+/* fatal */
+#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA
+/* fatal */
+#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED
+/* fatal */
+#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR
#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
-#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
-#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
-#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
+/* fatal */
+#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION
+/* fatal */
+#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION
+/* fatal */
+#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY
+/* fatal */
+#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR
#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
-#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
-#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */
+/* fatal */
+#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
+/* fatal */
+#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */
+/* PEM type */
+int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
const char *file);
* ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
*/
#define SSL_MKEY_MASK 0x000000FFL
-#define SSL_kRSA 0x00000001L /* RSA key exchange */
-#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
-#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
+/* RSA key exchange */
+#define SSL_kRSA 0x00000001L
+/* DH cert RSA CA cert */
+#define SSL_kDHr 0x00000002L
+/* DH cert DSA CA cert */
+#define SSL_kDHd 0x00000004L
#define SSL_kFZA 0x00000008L
-#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
-#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */
-#define SSL_kECDH 0x00000040L /* ECDH w/ long-term keys */
-#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
+/* tmp DH key no DH cert */
+#define SSL_kEDH 0x00000010L
+/* Kerberos5 key exchange */
+#define SSL_kKRB5 0x00000020L
+/* ECDH w/ long-term keys */
+#define SSL_kECDH 0x00000040L
+/* ephemeral ECDH */
+#define SSL_kECDHE 0x00000080L
#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
#define SSL_AUTH_MASK 0x00007F00L
-#define SSL_aRSA 0x00000100L /* Authenticate with RSA */
-#define SSL_aDSS 0x00000200L /* Authenticate with DSS */
+/* Authenticate with RSA */
+#define SSL_aRSA 0x00000100L
+/* Authenticate with DSS */
+#define SSL_aDSS 0x00000200L
#define SSL_DSS SSL_aDSS
#define SSL_aFZA 0x00000400L
-#define SSL_aNULL 0x00000800L /* no Authenticate, ADH */
-#define SSL_aDH 0x00001000L /* no Authenticate, ADH */
-#define SSL_aKRB5 0x00002000L /* Authenticate with KRB5 */
-#define SSL_aECDSA 0x00004000L /* Authenticate with ECDSA */
+/* no Authenticate, ADH */
+#define SSL_aNULL 0x00000800L
+/* no Authenticate, ADH */
+#define SSL_aDH 0x00001000L
+/* Authenticate with KRB5 */
+#define SSL_aKRB5 0x00002000L
+/* Authenticate with ECDSA */
+#define SSL_aECDSA 0x00004000L
#define SSL_NULL (SSL_eNULL)
#define SSL_ADH (SSL_kEDH|SSL_aNULL)
#endif
#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
/*************************************************************************/
-struct rpc_msg { /* Should have member alignment inhibited */
- char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
- char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
- unsigned short int length; /* Amount of data returned or max to return */
- char data[4092]; /* variable data */
+/* Should have member alignment inhibited */
+struct rpc_msg {
+ /* 'A'-app data. 'R'-remote client 'G'-global */
+ char channel;
+ /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ char function;
+ /* Amount of data returned or max to return */
+ unsigned short int length;
+ /* variable data */
+ char data[4092];
};
#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
projects / oweals / openssl.git / commitdiff