with OPENSSL_EXPERIMENTAL_FOO around it. Make JPAKE experimental.
Changes between 0.9.8i and 0.9.8j [xx XXX xxxx]
+ *) Update Configure code and WIN32 build scripts to support experimental
+ code. This is surrounded by OPENSSL_EXPERIMENTAL_FOO and not compiled
+ in by default. Using the configuration option "enable-experimental-foo"
+ enables it. Use this option for JPAKE.
+ [Steve Henson]
+
*) Use correct exit code if there is an error in dgst command.
[Steve Henson; problem pointed out by Roland Dirlewanger]
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
+my $jpake=1; # but "no-jpake" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $montasm=1; # but "no-montasm" is default
"camellia" => "default",
"capieng" => "default",
"cms" => "default",
+ "experimental-jpake" => "default",
"gmp" => "default",
"mdc2" => "default",
"montasm" => "default", # explicit option in 0.9.8 only (implicitly enabled in 0.9.9)
{ $no_threads = 1; }
elsif (/^shared$/)
{ $no_shared = 1; }
+ elsif (/^experimental-jpake$/)
+ { $jpake = 0; push @skip, "jpake"}
elsif (/^zlib$/)
{ $zlib = 0; }
elsif (/^montasm$/)
$openssl_thread_defines .= $thread_defines;
}
+if ($jpake)
+ {
+ $openssl_other_defines = "#define OPENSSL_EXPERIMENTAL_JPAKE\n";
+ }
+
if ($zlib)
{
$cflags = "-DZLIB $cflags";
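Review bot: The added `if ($jpake)` block assigns `$openssl_other_defines` with `=`, while the context line just above appends to its sibling with `$openssl_thread_defines .= $thread_defines;`. If Configure has already collected defines in that variable earlier (not visible in this hunk), enabling JPAKE silently discards them and the generated configuration header no longer reflects them. Appending is the safer form: `$openssl_other_defines .= "#define OPENSSL_EXPERIMENTAL_JPAKE\n";`.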
if ($sdirs) {
my $dir;
foreach $dir (@skip) {
- s/([ ])$dir /\1/;
+ s/(\s)$dir\s/$1/;
+ s/\s$dir$//;
}
}
$sdirs = 0 unless /\\$/;
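Review bot: `$dir` is interpolated into both new patterns unescaped, so a regex metacharacter in a skipped directory name would change what is removed from the line being edited. The only name pushed onto `@skip` in this diff is the plain word `jpake`, so this is hardening rather than a live bug. `s/(\s)\Q$dir\E\s/$1/;` and `s/\s\Q$dir\E$//;` keep the match literal. The enclosing loop over the Makefile lines starts outside the hunk.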
#include <openssl/rsa.h>
#endif
#include <openssl/bn.h>
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#include <openssl/jpake.h>
+#endif
#define NON_MAIN
#include "apps.h"
BIO_free(out);
}
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+
static JPAKE_CTX *jpake_init(const char *us, const char *them,
const char *secret)
{
BIO_pop(bconn);
BIO_free(bconn);
}
+
+#endif
int args_verify(char ***pargs, int *pargc,
int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
void policies_print(BIO *out, X509_STORE_CTX *ctx);
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
+#endif
#define FORMAT_UNDEF 0
#define FORMAT_ASN1 1
int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long mtu = 0;
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
char *jpake_secret = NULL;
+#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
/* meth=TLSv1_client_method(); */
}
#endif
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
jpake_secret = *++argv;
}
+#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
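Review bot: The `-jpake` option takes the shared secret straight from `argv`, so on a multi-user host it can be read from the process list and shell history while the client runs. The matching option in the s_server hunk has the same exposure. As this commit already reclassifies the feature as experimental, a comment at the option would help, for example `/* NOTE: secret is given on the command line and is visible to other local users */`. Reading the secret from a file or the environment would remove the exposure. The option-parsing chain begins and ends outside the hunk.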
#endif
}
#endif
-
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
if (jpake_secret)
jpake_client_auth(bio_c_out, sbio, jpake_secret);
+#endif
SSL_set_bio(con,sbio,sbio);
SSL_set_connect_state(con);
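Review bot: `jpake_client_auth()` is declared `void` in the prototype hunk, so the guarded call here cannot tell the caller whether the J-PAKE exchange succeeded before `SSL_set_bio()` and the handshake go ahead. The `jpake_server_auth()` call in the server hunk has the same shape. Unless the helpers terminate the process on failure (their bodies are not part of this diff), a failed password check would not stop the connection. Consider returning an int from both and testing it, e.g. `if (!jpake_client_auth(bio_c_out, sbio, jpake_secret))` followed by the function's existing error exit.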
#endif
int MAIN(int, char **);
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
static char *jpake_secret = NULL;
+#endif
int MAIN(int argc, char *argv[])
{
}
#endif
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
jpake_secret = *(++argv);
}
+#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
test=BIO_new(BIO_f_nbio_test());
sbio=BIO_push(test,sbio);
}
-
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
if(jpake_secret)
jpake_server_auth(bio_s_out, sbio, jpake_secret);
+#endif
SSL_set_bio(con,sbio,sbio);
SSL_set_accept_state(con);
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
#endif
-
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#include <openssl/jpake.h>
+#endif
void ERR_load_crypto_strings(void)
{
#ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
#endif
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
ERR_load_JPAKE_strings();
+#endif
#endif
}
#ifndef HEADER_JPAKE_H
#define HEADER_JPAKE_H
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_EXPERIMENTAL_JPAKE
+#error JPAKE is disabled.
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
CRYPTO_dbg_remove_all_info 4090 EXIST::FUNCTION:
OPENSSL_init 4091 EXIST::FUNCTION:
private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
-JPAKE_STEP3A_process 4093 EXIST::FUNCTION:
-JPAKE_STEP1_release 4094 EXIST::FUNCTION:
-JPAKE_get_shared_key 4095 EXIST::FUNCTION:
-JPAKE_STEP3B_init 4096 EXIST::FUNCTION:
-JPAKE_STEP1_generate 4097 EXIST::FUNCTION:
-JPAKE_STEP1_init 4098 EXIST::FUNCTION:
-JPAKE_STEP3B_process 4099 EXIST::FUNCTION:
-JPAKE_STEP2_generate 4100 EXIST::FUNCTION:
-JPAKE_CTX_new 4101 EXIST::FUNCTION:
-JPAKE_CTX_free 4102 EXIST::FUNCTION:
-JPAKE_STEP3B_release 4103 EXIST::FUNCTION:
-JPAKE_STEP3A_release 4104 EXIST::FUNCTION:
-JPAKE_STEP2_process 4105 EXIST::FUNCTION:
-CRYPTO_strdup 4106 EXIST::FUNCTION:
-JPAKE_STEP3B_generate 4107 EXIST::FUNCTION:
-JPAKE_STEP1_process 4108 EXIST::FUNCTION:
-JPAKE_STEP3A_generate 4109 EXIST::FUNCTION:
-JPAKE_STEP2_release 4110 EXIST::FUNCTION:
-JPAKE_STEP3A_init 4111 EXIST::FUNCTION:
-ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:
-JPAKE_STEP2_init 4113 EXIST::FUNCTION:
+CRYPTO_strdup 4093 EXIST::FUNCTION:
+JPAKE_STEP3A_process 4094 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP1_release 4095 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_get_shared_key 4096 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3B_init 4097 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP1_generate 4098 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP1_init 4099 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3B_process 4100 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP2_generate 4101 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_CTX_new 4102 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_CTX_free 4103 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3B_release 4104 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3A_release 4105 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP2_process 4106 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3B_generate 4107 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP1_process 4108 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3A_generate 4109 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP2_release 4110 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP3A_init 4111 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+ERR_load_JPAKE_strings 4112 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
+JPAKE_STEP2_init 4113 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
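Review bot: Ordinals 4093–4106 are reassigned rather than only re-tagged: `CRYPTO_strdup` moves from 4106 to 4093 and thirteen JPAKE entries shift up by one. If any build with the previous numbering has been distributed, consumers that bind to the library's exports by ordinal would resolve to the wrong function. Keeping each symbol's existing number and changing only `EXIST::FUNCTION:` to `EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:` avoids that.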
my $safe_stack_def = 0;
my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS",
+ "OPENSSL_EXPERIMENTAL_JPAKE" );
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
|| $_ eq "enable-zlib-dynamic") {
$zlib = 1;
}
-
+
+ if ($_ eq "enable-experimental-jpake") {
+ $jpake = 1;
+ }
$do_ssl=1 if $_ eq "ssleay";
if ($_ eq "ssl") {
$tag{$tag[$tag_i]}=2;
print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
}
+ if ($tag[$tag_i] eq "OPENSSL_EXPERIMENTAL_".$1) {
+ $tag{$tag[$tag_i]}=-2;
+ print STDERR "DEBUG: $file: chaged tag $1 = -2\n" if $debug;
+ }
$tag_i--;
}
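Review bot: The new branch stores `-2` in `%tag` as a second undocumented sentinel next to the existing `2`, and the `#endif` hunk further down maps it back to `1`, but neither hunk says what the values mean. A short comment would help, for example `# -2: "#error X is disabled." seen under an OPENSSL_EXPERIMENTAL_X guard; reset to 1 at #endif`, with the wording checked against the part of the loop outside this hunk. The copied debug string also keeps the `chaged` typo. The enclosing loop starts outside the hunk.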
} elsif (/^\#\s*endif/) {
print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
if ($tag{$t}==2) {
$tag{$t}=-1;
+ } elsif ($tag{$t}==-2) {
+ $tag{$t}=1;
} else {
$tag{$t}=0;
}
return 1;
}
if ($keyword eq "ZLIB" && $zlib) { return 1; }
+ if ($keyword eq "OPENSSL_EXPERIMENTAL_JPAKE" && $jpake) {
+ return 1;
+ }
return 0;
} else {
# algorithms