}
}
}
-}
\ No newline at end of file
+}
ThrowDescriptiveException(gErrorMessage);
}
-#endif
\ No newline at end of file
+#endif
tests:
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
char *make_config_name()
{
const char *t=X509_get_default_cert_area();
+ size_t len;
char *p;
- p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
- strcpy(p,t);
+ len=strlen(t)+strlen(OPENSSL_CONF)+2;
+ p=OPENSSL_malloc(len);
+ BUF_strlcpy(p,t,len);
#ifndef OPENSSL_SYS_VMS
- strcat(p,"/");
+ BUF_strlcat(p,"/",len);
#endif
- strcat(p,OPENSSL_CONF);
+ BUF_strlcat(p,OPENSSL_CONF,len);
return p;
}
if (configfile == NULL)
{
const char *s=X509_get_default_cert_area();
+ size_t len;
#ifdef OPENSSL_SYS_VMS
- tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
+ len = strlen(s)+sizeof(CONFIG_FILE);
+ tofree=OPENSSL_malloc(len);
strcpy(tofree,s);
#else
- tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
- strcpy(tofree,s);
- strcat(tofree,"/");
+ len = strlen(s)+sizeof(CONFIG_FILE)+1;
+ tofree=OPENSSL_malloc(len);
+ BUF_strlcpy(tofree,s,len);
+ BUF_strlcat(tofree,"/",len);
#endif
- strcat(tofree,CONFIG_FILE);
+ BUF_strlcat(tofree,CONFIG_FILE,len);
configfile=tofree;
}
#ifdef OPENSSL_SYS_VMS
strcat(buf[0],"-new");
#else
- strcat(buf[0],".new");
+ BUF_strlcat(buf[0],".new",sizeof(buf[0]));
#endif
if (!save_serial(buf[0],serial)) goto err;
#ifdef OPENSSL_SYS_VMS
strcat(buf[1],"-new");
#else
- strcat(buf[1],".new");
+ BUF_strlcat(buf[1],".new",sizeof(buf[1]));
#endif
if (BIO_write_filename(out,buf[1]) <= 0)
for (i=0; i<sk_X509_num(cert_sk); i++)
{
int k;
- unsigned char *n;
+ char *n;
x=sk_X509_value(cert_sk,i);
strcpy(buf[2],outdir);
#ifndef OPENSSL_SYS_VMS
- strcat(buf[2],"/");
+ BUF_strlcat(buf[2],"/",sizeof(buf[2]));
#endif
- n=(unsigned char *)&(buf[2][strlen(buf[2])]);
+ n=(char *)&(buf[2][strlen(buf[2])]);
if (j > 0)
{
for (k=0; k<j; k++)
{
- sprintf((char *)n,"%02X",(unsigned char)*(p++));
+ if (n >= &(buf[2][sizeof(buf[2])]))
+ break;
+ BIO_snprintf(n,
+ &buf[2][0] + sizeof(buf[2]) - n,
+ "%02X",(unsigned char)*(p++));
n+=2;
}
}
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
#else
- strcat(buf[2],".old");
+ BUF_strlcat(buf[2],".old",sizeof(buf[2]));
#endif
BIO_free(in);
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
#else
- strcat(buf[2],".old");
+ BUF_strlcat(buf[2],".old",sizeof(buf[2]));
#endif
if (rename(dbfile,buf[2]) < 0)
strcpy(buf[0],dbfile);
#ifndef OPENSSL_SYS_VMS
- strcat(buf[0],".new");
+ BUF_strlcat(buf[0],".new",sizeof(buf[0]));
#else
strcat(buf[0],"-new");
#endif
strncpy(buf[1],dbfile,BSIZE-4);
buf[1][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
- strcat(buf[1],".old");
+ BUF_strlcat(buf[1],".old",sizeof(buf[1]));
#else
strcat(buf[1],"-old");
#endif
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
}
- strcpy(row[DB_file],"unknown");
+ BUF_strlcpy(row[DB_file],"unknown",8);
row[DB_type][0]='V';
row[DB_type][1]='\0';
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
}
- strcpy(row[DB_file],"unknown");
+ BUF_strlcpy(row[DB_file],"unknown",8);
row[DB_type][0]='V';
row[DB_type][1]='\0';
if (!str) return NULL;
- strcpy(str, (char *)revtm->data);
+ BUF_strlcpy(str, (char *)revtm->data, i);
if (reason)
{
- strcat(str, ",");
- strcat(str, reason);
+ BUF_strlcat(str, ",", i);
+ BUF_strlcat(str, reason, i);
}
if (other)
{
- strcat(str, ",");
- strcat(str, other);
+ BUF_strlcat(str, ",", i);
+ BUF_strlcat(str, other, i);
}
ASN1_UTCTIME_free(revtm);
return str;
}
if(!out_bin)
{
- tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
- sprintf(tmp,"%s(%s)= ",name,argv[i]);
+ size_t len = strlen(name)+strlen(argv[i])+5;
+ tmp=tofree=OPENSSL_malloc(len);
+ BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
}
else
tmp="";
{
char buf[200];
- sprintf(buf,"enter %s %s password:",
- OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
- (enc)?"encryption":"decryption");
+ BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
+ OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+ (enc)?"encryption":"decryption");
strbuf[0]='\0';
i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
if (i == 0)
return 0;
if (**buf != '\0')
- strcat(*buf, ", ");
- strcat(*buf, s);
+ BUF_strlcat(*buf, ", ", *size);
+ BUF_strlcat(*buf, s, *size);
return 1;
}
BIO_printf (bio_err, "Can't read Password\n");
goto export_end;
}
- if (!twopass) strcpy(macpass, pass);
+ if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
/* Turn certbags into encrypted authsafe */
authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
iter, bags);
CRYPTO_pop_info();
#endif
- if (!twopass) strcpy(macpass, pass);
+ if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if(macver) {
}
/* If OBJ not recognised ignore it */
if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
-
- if(strlen(v->name) > sizeof buf-9)
+ if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name)
+ >= sizeof buf)
{
BIO_printf(bio_err,"Name '%s' too long\n",v->name);
return 0;
}
- sprintf(buf,"%s_default",v->name);
if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
{
ERR_clear_error();
def="";
}
- sprintf(buf,"%s_value",v->name);
+
+ BIO_snprintf(buf,sizeof buf,"%s_value",v->name);
if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
{
ERR_clear_error();
value=NULL;
}
- sprintf(buf,"%s_min",v->name);
+ BIO_snprintf(buf,sizeof buf,"%s_min",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
{
ERR_clear_error();
n_min = -1;
}
- sprintf(buf,"%s_max",v->name);
+ BIO_snprintf(buf,sizeof buf,"%s_max",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
{
ERR_clear_error();
if ((nid=OBJ_txt2nid(type)) == NID_undef)
goto start2;
- if(strlen(v->name) > sizeof buf-9)
+ if (BIO_snprintf(buf,sizeof buf,"%s_default",type)
+ >= sizeof buf)
{
BIO_printf(bio_err,"Name '%s' too long\n",v->name);
return 0;
}
- sprintf(buf,"%s_default",type);
if ((def=NCONF_get_string(req_conf,attr_sect,buf))
== NULL)
{
}
- sprintf(buf,"%s_value",type);
+ BIO_snprintf(buf,sizeof buf,"%s_value",type);
if ((value=NCONF_get_string(req_conf,attr_sect,buf))
== NULL)
{
value=NULL;
}
- sprintf(buf,"%s_min",type);
+ BIO_snprintf(buf,sizeof buf,"%s_min",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
n_min = -1;
- sprintf(buf,"%s_max",type);
+ BIO_snprintf(buf,sizeof buf,"%s_max",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
n_max = -1;
(void)BIO_flush(bio_err);
if(value != NULL)
{
- OPENSSL_assert(strlen(value) < sizeof buf-2);
- strcpy(buf,value);
- strcat(buf,"\n");
+ BUF_strlcpy(buf,value,sizeof buf);
+ BUF_strlcat(buf,"\n",sizeof buf);
BIO_printf(bio_err,"%s\n",value);
}
else
{
if ((def == NULL) || (def[0] == '\0'))
return(1);
- strcpy(buf,def);
- strcat(buf,"\n");
+ BUF_strlcpy(buf,def,sizeof buf);
+ BUF_strlcat(buf,"\n",sizeof buf);
}
else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
(void)BIO_flush(bio_err);
if (value != NULL)
{
- OPENSSL_assert(strlen(value) < sizeof buf-2);
- strcpy(buf,value);
- strcat(buf,"\n");
+ BUF_strlcpy(buf,value,sizeof buf);
+ BUF_strlcat(buf,"\n",sizeof buf);
BIO_printf(bio_err,"%s\n",value);
}
else
{
if ((def == NULL) || (def[0] == '\0'))
return(1);
- strcpy(buf,def);
- strcat(buf,"\n");
+ BUF_strlcpy(buf,def,sizeof buf);
+ BUF_strlcat(buf,"\n",sizeof buf);
}
else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
perror("OPENSSL_malloc");
return(0);
}
- strcpy(*host,h1->h_name);
+ BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
h2=GetHostByName(*host);
if (h2 == NULL)
if (s_www_path != NULL)
{
- sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
bytes_read+=i;
if (s_www_path != NULL)
{
- sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while (SSL_read(scon,buf,sizeof(buf)) > 0)
;
if (s_www_path)
{
- sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
bytes_read+=i;
{
dsa_doit[R_DSA_512]=1;
dsa_doit[R_DSA_1024]=1;
+ dsa_doit[R_DSA_2048]=1;
}
else
#endif
ASN1_INTEGER *bs = NULL, *bs2 = NULL;
BIO *io = NULL;
BIGNUM *serial = NULL;
+ size_t len;
- buf=OPENSSL_malloc( ((serialfile == NULL)
- ?(strlen(CAfile)+strlen(POSTFIX)+1)
- :(strlen(serialfile)))+1);
+ len = ((serialfile == NULL)
+ ?(strlen(CAfile)+strlen(POSTFIX)+1)
+ :(strlen(serialfile)))+1;
+ buf=OPENSSL_malloc(len);
if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
if (serialfile == NULL)
{
- strcpy(buf,CAfile);
+ BUF_strlcpy(buf,CAfile,len);
for (p=buf; *p; p++)
if (*p == '.')
{
*p='\0';
break;
}
- strcat(buf,POSTFIX);
+ BUF_strlcat(buf,POSTFIX,len);
}
else
- strcpy(buf,serialfile);
+ BUF_strlcpy(buf,serialfile,len);
serial=BN_new();
bs=ASN1_INTEGER_new();
if ((serial == NULL) || (bs == NULL))
done;
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@for i in $(SDIRS); do \
(cd $$i && echo "making links in crypto/$$i..." && \
$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
char *p;
struct tm *ts;
struct tm data;
+ size_t len = 20;
if (s == NULL)
s=M_ASN1_GENERALIZEDTIME_new();
return(NULL);
p=(char *)s->data;
- if ((p == NULL) || (s->length < 16))
+ if ((p == NULL) || (s->length < len))
{
- p=OPENSSL_malloc(20);
+ p=OPENSSL_malloc(len);
if (p == NULL) return(NULL);
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
}
- sprintf(p,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
- ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+ BIO_snprintf(p,len,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
+ ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_GENERALIZEDTIME;
#ifdef CHARSET_EBCDIC_not
if((minsize > 0) && (nchar < minsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
- sprintf(strbuf, "%ld", minsize);
+ BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
ERR_add_error_data(2, "minsize=", strbuf);
return -1;
}
if((maxsize > 0) && (nchar > maxsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
- sprintf(strbuf, "%ld", maxsize);
+ BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
ERR_add_error_data(2, "maxsize=", strbuf);
return -1;
}
{
ASN1_GENERALIZEDTIME *ret;
char *str;
+ int newlen;
if (!ASN1_TIME_check(t)) return NULL;
/* grow the string */
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
return NULL;
+ /* ASN1_STRING_set() allocated 'len + 1' bytes. */
+ newlen = t->length + 2 + 1;
str = (char *)ret->data;
/* Work out the century and prepend */
- if (t->data[0] >= '5') strcpy(str, "19");
- else strcpy(str, "20");
+ if (t->data[0] >= '5') BUF_strlcpy(str, "19", newlen);
+ else BUF_strlcpy(str, "20", newlen);
- BUF_strlcat(str, (char *)t->data, t->length+3); /* Include space for a '\0' */
+ BUF_strlcat(str, (char *)t->data, newlen);
return ret;
}
char *p;
struct tm *ts;
struct tm data;
+ size_t len = 20;
if (s == NULL)
s=M_ASN1_UTCTIME_new();
return(NULL);
p=(char *)s->data;
- if ((p == NULL) || (s->length < 14))
+ if ((p == NULL) || (s->length < len))
{
- p=OPENSSL_malloc(20);
+ p=OPENSSL_malloc(len);
if (p == NULL) return(NULL);
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
}
- sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
- ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+ BIO_snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
+ ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_UTCTIME;
#ifdef CHARSET_EBCDIC_not
{
char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
- sprintf(buf1,"%lu",(unsigned long)address);
- sprintf(buf2,"%d",offset);
+ BIO_snprintf(buf1,sizeof buf1,"%lu",(unsigned long)address);
+ BIO_snprintf(buf2,sizeof buf2,"%d",offset);
ERR_add_error_data(4,"address=",buf1," offset=",buf2);
}
p=str;
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
- sprintf(str,"priv [ %d ] ",tag);
+ BIO_snprintf(str,sizeof str,"priv [ %d ] ",tag);
else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
- sprintf(str,"cont [ %d ]",tag);
+ BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
- sprintf(str,"appl [ %d ]",tag);
+ BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
else p = ASN1_tag2str(tag);
if (p2 != NULL)
}
if (x->d == NULL)
- sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
+ BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n));
else
- strcpy(str,"modulus:");
+ BUF_strlcpy(str,"modulus:",sizeof str);
if (!print(bp,str,x->n,m,off)) goto err;
s=(x->d == NULL)?"Exponent:":"publicExponent:";
if (!print(bp,s,x->e,m,off)) goto err;
long ltmp;
unsigned long utmp;
int clen, pad, i;
- ltmp = *(long *)pval;
+ /* this exists to bypass broken gcc optimization */
+ char *cp = (char *)pval;
+
+ /* use memcpy, because we may not be long aligned */
+ memcpy(<mp, cp, sizeof(long));
+
if(ltmp == it->size) return -1;
/* Convert the long to positive: we subtract one if negative so
* we can cleanly handle the padding if only the MSB of the leading
int neg, i;
long ltmp;
unsigned long utmp = 0;
+ char *cp = (char *)pval;
if(len > sizeof(long)) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
- *(long *)pval = ltmp;
+ memcpy(cp, <mp, sizeof(long));
return 1;
}
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
for(i=0;i<rows;i++)
{
buf[0]='\0'; /* start with empty string */
- strcpy(buf,str);
- sprintf(tmp,"%04x - ",i*dump_width);
- strcat(buf,tmp);
+ BUF_strlcpy(buf,str,sizeof buf);
+ BIO_snprintf(tmp,sizeof tmp,"%04x - ",i*dump_width);
+ BUF_strlcat(buf,tmp,sizeof buf);
for(j=0;j<dump_width;j++)
{
if (((i*dump_width)+j)>=len)
{
- strcat(buf," ");
+ BUF_strlcat(buf," ",sizeof buf);
}
else
{
ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
- sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
- strcat(buf,tmp);
+ BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch,
+ j==7?'-':' ');
+ BUF_strlcat(buf,tmp,sizeof buf);
}
}
- strcat(buf," ");
+ BUF_strlcat(buf," ",sizeof buf);
for(j=0;j<dump_width;j++)
{
if (((i*dump_width)+j)>=len)
break;
ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
#ifndef CHARSET_EBCDIC
- sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
+ BIO_snprintf(tmp,sizeof tmp,"%c",
+ ((ch>=' ')&&(ch<='~'))?ch:'.');
#else
- sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
- ? os_toebcdic[ch]
- : '.');
+ BIO_snprintf(tmp,sizeof tmp,"%c",
+ ((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
+ ? os_toebcdic[ch]
+ : '.');
#endif
- strcat(buf,tmp);
+ BUF_strlcat(buf,tmp,sizeof buf);
}
- strcat(buf,"\n");
+ BUF_strlcat(buf,"\n",sizeof buf);
/* if this is the last call then update the ddt_dump thing so that
* we will move the selection point in the debug window
*/
#ifdef TRUNCATE
if (trunc > 0)
{
- sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trunc);
+ BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str,
+ len+trunc);
ret+=BIO_write(bio,(char *)buf,strlen(buf));
}
#endif
}
static LDOUBLE
-pow10(int exp)
+pow10(int in_exp)
{
LDOUBLE result = 1;
- while (exp) {
+ while (in_exp) {
result *= 10;
- exp--;
+ in_exp--;
}
return result;
}
}
*addr=p;
}
- sprintf(*addr,"%d.%d.%d.%d:%d",
- (unsigned char)(l>>24L)&0xff,
- (unsigned char)(l>>16L)&0xff,
- (unsigned char)(l>> 8L)&0xff,
- (unsigned char)(l )&0xff,
- port);
+ BIO_snprintf(*addr,24,"%d.%d.%d.%d:%d",
+ (unsigned char)(l>>24L)&0xff,
+ (unsigned char)(l>>16L)&0xff,
+ (unsigned char)(l>> 8L)&0xff,
+ (unsigned char)(l )&0xff,
+ port);
end:
return(ret);
}
MS_STATIC char buf[256];
char *p;
long r=1;
+ size_t p_maxlen;
if (BIO_CB_RETURN & cmd)
r=ret;
- sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
+ BIO_snprintf(buf,sizeof buf,"BIO[%08lX]:",(unsigned long)bio);
p= &(buf[14]);
+ p_maxlen = sizeof buf - 14;
switch (cmd)
{
case BIO_CB_FREE:
- sprintf(p,"Free - %s\n",bio->method->name);
+ BIO_snprintf(p,p_maxlen,"Free - %s\n",bio->method->name);
break;
case BIO_CB_READ:
if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+ BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n",
+ bio->num,argi,bio->method->name,bio->num);
else
- sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+ BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s\n",
+ bio->num,argi,bio->method->name);
break;
case BIO_CB_WRITE:
if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+ BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n",
+ bio->num,argi,bio->method->name,bio->num);
else
- sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+ BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s\n",
+ bio->num,argi,bio->method->name);
break;
case BIO_CB_PUTS:
- sprintf(p,"puts() - %s\n",bio->method->name);
+ BIO_snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name);
break;
case BIO_CB_GETS:
- sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
+ BIO_snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name);
break;
case BIO_CB_CTRL:
- sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
+ BIO_snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name);
break;
case BIO_CB_RETURN|BIO_CB_READ:
- sprintf(p,"read return %ld\n",ret);
+ BIO_snprintf(p,p_maxlen,"read return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_WRITE:
- sprintf(p,"write return %ld\n",ret);
+ BIO_snprintf(p,p_maxlen,"write return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_GETS:
- sprintf(p,"gets return %ld\n",ret);
+ BIO_snprintf(p,p_maxlen,"gets return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_PUTS:
- sprintf(p,"puts return %ld\n",ret);
+ BIO_snprintf(p,p_maxlen,"puts return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_CTRL:
- sprintf(p,"ctrl return %ld\n",ret);
+ BIO_snprintf(p,p_maxlen,"ctrl return %ld\n",ret);
break;
default:
- sprintf(p,"bio callback - unknown type (%d)\n",cmd);
+ BIO_snprintf(p,p_maxlen,"bio callback - unknown type (%d)\n",cmd);
break;
}
char buf[16];
unsigned char *p = ptr;
- sprintf(buf,"%d.%d.%d.%d",
- p[0],p[1],p[2],p[3]);
+ BIO_snprintf(buf,sizeof buf,"%d.%d.%d.%d",
+ p[0],p[1],p[2],p[3]);
if (data->param_hostname != NULL)
OPENSSL_free(data->param_hostname);
data->param_hostname=BUF_strdup(buf);
{
char buf[DECIMAL_SIZE(int)+1];
- sprintf(buf,"%d",*(int *)ptr);
+ BIO_snprintf(buf,sizeof buf,"%d",*(int *)ptr);
if (data->param_port != NULL)
OPENSSL_free(data->param_port);
data->param_port=BUF_strdup(buf);
if (num & BIO_FP_APPEND)
{
if (num & BIO_FP_READ)
- strcpy(p,"a+");
- else strcpy(p,"a");
+ BUF_strlcpy(p,"a+",sizeof p);
+ else BUF_strlcpy(p,"a",sizeof p);
}
else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
- strcpy(p,"r+");
+ BUF_strlcpy(p,"r+",sizeof p);
else if (num & BIO_FP_WRITE)
- strcpy(p,"w");
+ BUF_strlcpy(p,"w",sizeof p);
else if (num & BIO_FP_READ)
- strcpy(p,"r");
+ BUF_strlcpy(p,"r",sizeof p);
else
{
BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
{
init++;
#ifdef BN_LLONG
- sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
- (int)sizeof(BN_ULONG)*8);
+ BIO_snprintf(data,sizeof data,"bn(%d,%d)",
+ (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
#else
- sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
- (int)sizeof(BN_ULONG)*8);
+ BIO_snprintf(data,sizeof data,"bn(%d,%d)",
+ (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
#endif
}
return(data);
}
if ((t=BN_dup(a)) == NULL) goto err;
+#define BUF_REMAIN (num+3 - (size_t)(p - buf))
p=buf;
lp=bn_data;
if (t->neg) *(p++)='-';
/* We now have a series of blocks, BN_DEC_NUM chars
* in length, where the last one needs truncation.
* The blocks need to be reversed in order. */
- sprintf(p,BN_DEC_FMT1,*lp);
+ BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT1,*lp);
while (*p) p++;
while (lp != bn_data)
{
lp--;
- sprintf(p,BN_DEC_FMT2,*lp);
+ BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT2,*lp);
while (*p) p++;
}
}
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
goto err;
}
- strcpy(section,"default");
+ BUF_strlcpy(section,"default",10);
if (_CONF_new_data(conf) == 0)
{
ERR_R_MALLOC_FAILURE);
goto err;
}
- strcpy(v->name,pname);
+ BUF_strlcpy(v->name,pname,strlen(pname)+1);
if (!str_copy(conf,psection,&(v->value),start)) goto err;
if (strcmp(psection,section) != 0)
if (buff != NULL) BUF_MEM_free(buff);
if (section != NULL) OPENSSL_free(section);
if (line != NULL) *line=eline;
- sprintf(btmp,"%ld",eline);
+ BIO_snprintf(btmp,sizeof btmp,"%ld",eline);
ERR_add_error_data(2,"line ",btmp);
if ((h != conf->data) && (conf->data != NULL))
{
{
char rcode[DECIMAL_SIZE(ret)+1];
CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
- sprintf(rcode, "%-8d", ret);
+ BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
}
}
if (!file)
return NULL;
- strcpy(file,X509_get_default_cert_area());
+ BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
#ifndef OPENSSL_SYS_VMS
- strcat(file,"/");
+ BUF_strlcat(file,"/",len + 1);
#endif
- strcat(file,OPENSSL_CONF);
+ BUF_strlcat(file,OPENSSL_CONF,len + 1);
return file;
}
#include "cryptlib.h"
#include <openssl/crypto.h>
+#ifndef NO_WINDOWS_BRAINDEATH
#include "buildinf.h"
+#endif
const char *SSLeay_version(int t)
{
#ifdef DATE
static char buf[sizeof(DATE)+11];
- sprintf(buf,"built on: %s",DATE);
+ BIO_snprintf(buf,sizeof buf,"built on: %s",DATE);
return(buf);
#else
return("built on: date not available");
#ifdef CFLAGS
static char buf[sizeof(CFLAGS)+11];
- sprintf(buf,"compiler: %s",CFLAGS);
+ BIO_snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
return(buf);
#else
return("compiler: information not available");
#ifdef PLATFORM
static char buf[sizeof(PLATFORM)+11];
- sprintf(buf,"platform: %s", PLATFORM);
+ BIO_snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
return(buf);
#else
return("platform: information not available");
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
#include "des_ver.h"
#include "spr.h"
#include <openssl/opensslv.h>
+#include <openssl/bio.h>
OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
size="int";
else
size="long";
- sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
+ BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
+ size);
init=0;
}
return(buf);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
return(0);
}
- strcpy(copied, filename);
+ BUF_strlcpy(copied, filename, strlen(filename) + 1);
if(dso->filename)
OPENSSL_free(dso->filename);
dso->filename = copied;
ERR_R_MALLOC_FAILURE);
return(NULL);
}
- strcpy(result, filename);
+ BUF_strlcpy(result, filename, strlen(filename) + 1);
}
return(result);
}
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
return strlen(e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_NAME_FROM_CMD:
- return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
+ return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
+ "%s", e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return strlen(e->cmd_defns[idx].cmd_desc);
return strlen(int_no_description);
case ENGINE_CTRL_GET_DESC_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
- return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
- return sprintf(s, "%s", int_no_description);
+ return BIO_snprintf(s,
+ strlen(e->cmd_defns[idx].cmd_desc) + 1,
+ "%s", e->cmd_defns[idx].cmd_desc);
+ return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
+ int_no_description);
case ENGINE_CTRL_GET_CMD_FLAGS:
return e->cmd_defns[idx].cmd_flags;
}
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the author nor the names of contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
goto err;
}
- printf("bar\n");
memset(&kop, 0, sizeof kop);
kop.crk_op = CRK_DSA_SIGN;
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
else
str=p;
}
- strcat(str,a);
+ BUF_strlcat(str,a,s+1);
}
}
ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
cp $(TESTDATA) ../../test
*) digest is initialized with random seed instead of
standardized one.
- *) same seed is written to ouput
+ *) same seed is written to output
*) well-known text is then hashed and the output
of the digest is also written to output.
if (i == -1) {
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
- if (!pbe_obj) strcpy (obj_tmp, "NULL");
+ if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0;
#endif
default:
EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- if (!a->algorithm) strcpy (obj_tmp, "NULL");
+ if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
ERR_add_error_data(2, "TYPE=", obj_tmp);
EVP_PKEY_free (pkey);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile ;
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
struct tm *lcl = NULL;
unsigned long ti;
+#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
+
if(m->addr == (char *)l->bio)
return;
{
lcl = localtime(&m->time);
- sprintf(bufp, "[%02d:%02d:%02d] ",
+ BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
bufp += strlen(bufp);
}
- sprintf(bufp, "%5lu file=%s, line=%d, ",
+ BIO_snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ",
m->order,m->file,m->line);
bufp += strlen(bufp);
if (options & V_CRYPTO_MDEBUG_THREAD)
{
- sprintf(bufp, "thread=%lu, ", m->thread);
+ BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread);
bufp += strlen(bufp);
}
- sprintf(bufp, "number=%d, address=%08lX\n",
+ BIO_snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n",
m->num,(unsigned long)m->addr);
bufp += strlen(bufp);
ami_cnt++;
memset(buf,'>',ami_cnt);
- sprintf(buf + ami_cnt,
+ BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
" thread=%lu, file=%s, line=%d, info=\"",
amip->thread, amip->file, amip->line);
buf_len=strlen(buf);
}
else
{
- strcpy(buf + buf_len, amip->info);
+ BUF_strlcpy(buf + buf_len, amip->info,
+ sizeof buf - buf_len);
buf_len = strlen(buf);
}
- sprintf(buf + buf_len, "\"\n");
+ BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
BIO_puts(l->bio,buf);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
if (i > 2) i=2;
l-=(long)(i*40);
- sprintf(tbuf,"%d.%lu",i,l);
+ BIO_snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l);
i=strlen(tbuf);
BUF_strlcpy(buf,tbuf,buf_len);
buf_len-=i;
for (; idx<len; idx++) {
l|=p[idx]&0x7f;
if (!(p[idx] & 0x80)) {
- sprintf(tbuf,".%lu",l);
+ BIO_snprintf(tbuf,sizeof tbuf,".%lu",l);
i=strlen(tbuf);
if (buf_len > 0)
BUF_strlcpy(buf,tbuf,buf_len);
#!/usr/local/bin/perl
+# fixes bug in floating point emulation on sparc64 when
+# this script produces off-by-one output on sparc64
+use integer;
+
sub obj_cmp
{
local(@a,@b,$_,$r);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile ;
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links: $(EXHEADER)
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
else
str="BAD-TYPE";
- strcat(buf,"Proc-Type: 4,");
- strcat(buf,str);
- strcat(buf,"\n");
+ BUF_strlcat(buf,"Proc-Type: 4,",PEM_BUFSIZE);
+ BUF_strlcat(buf,str,PEM_BUFSIZE);
+ BUF_strlcat(buf,"\n",PEM_BUFSIZE);
}
void PEM_dek_info(char *buf, const char *type, int len, char *str)
long i;
int j;
- strcat(buf,"DEK-Info: ");
- strcat(buf,type);
- strcat(buf,",");
+ BUF_strlcat(buf,"DEK-Info: ",PEM_BUFSIZE);
+ BUF_strlcat(buf,type,PEM_BUFSIZE);
+ BUF_strlcat(buf,",",PEM_BUFSIZE);
j=strlen(buf);
+ if (j + (len * 2) + 1 > PEM_BUFSIZE)
+ return;
for (i=0; i<len; i++)
{
buf[j+i*2] =map[(str[i]>>4)&0x0f];
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
#include <openssl/e_os2.h>
#include <openssl/rand.h>
+#include <openssl/buffer.h>
/*
* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
addr.sun_family = AF_UNIX;
if (strlen(path) >= sizeof(addr.sun_path))
return (-1);
- strcpy(addr.sun_path,path);
+ BUF_strlcpy(addr.sun_path,path,sizeof addr.sun_path);
len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1) return (-1);
#include <unistd.h>
#include <time.h>
+#ifdef __OpenBSD__
+int RAND_poll(void)
+{
+ u_int32_t rnd = 0, i;
+ unsigned char buf[ENTROPY_NEEDED];
+
+ for (i = 0; i < sizeof(buf); i++) {
+ if (i % 4 == 0)
+ rnd = arc4random();
+ buf[i] = rnd;
+ rnd >>= 8;
+ }
+ RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+ memset(buf, 0, sizeof(buf));
+
+ return 1;
+}
+#else
int RAND_poll(void)
{
unsigned long l;
#endif
}
+#endif
#endif
#if defined(OPENSSL_SYS_VXWORKS)
* Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
*
* Code adapted from
- * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
+ * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
* the original copyright message is:
*
* (C) Copyright Microsoft Corp. 1993. All rights reserved.
* [including the GNU Public Licence.]
*/
+/* We need to define this to get macros like S_IFBLK and S_IFCHR */
+#define _XOPEN_SOURCE 1
+
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include "e_os.h"
#include <openssl/crypto.h>
#include <openssl/rand.h>
+#include <openssl/buffer.h>
#ifdef OPENSSL_SYS_VMS
#include <unixio.h>
in=fopen(file,"rb");
if (in == NULL) goto err;
+ if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+ /* this file is a device. we don't want read an infinite number
+ * of bytes from a random device, nor do we want to use buffered
+ * I/O because we will waste system entropy.
+ */
+ bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
+ setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
+ }
for (;;)
{
if (bytes > 0)
int i,ret=0,rand_err=0;
FILE *out = NULL;
int n;
+ struct stat sb;
+ i=stat(file,&sb);
+ if (i != -1) {
+ if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+ /* this file is a device. we don't write back to it.
+ * we "succeed" on the assumption this is some sort
+ * of random device. Otherwise attempting to write to
+ * and chmod the device causes problems.
+ */
+ return(1);
+ }
+ }
+
#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
/* For some reason Win32 can't write to files created this way */
const char *RAND_file_name(char *buf, size_t size)
{
char *s=NULL;
- char *ret=NULL;
+ int ok = 0;
+#ifdef __OpenBSD__
+ struct stat sb;
+#endif
if (OPENSSL_issetugid() == 0)
s=getenv("RANDFILE");
- if (s != NULL)
+ if (s != NULL && *s && strlen(s) + 1 < size)
{
- if(strlen(s) >= size)
+ if (BUF_strlcpy(buf,s,size) >= size)
return NULL;
- strcpy(buf,s);
- ret=buf;
}
else
{
s = DEFAULT_HOME;
}
#endif
- if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
+ if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
{
- strcpy(buf,s);
+ BUF_strlcpy(buf,s,size);
#ifndef OPENSSL_SYS_VMS
- strcat(buf,"/");
+ BUF_strlcat(buf,"/",size);
#endif
- strcat(buf,RFILE);
- ret=buf;
+ BUF_strlcat(buf,RFILE,size);
+ ok = 1;
}
else
buf[0] = '\0'; /* no file name */
}
- return(ret);
+
+#ifdef __OpenBSD__
+ /* given that all random loads just fail if the file can't be
+ * seen on a stat, we stat the file we're returning, if it
+ * fails, use /dev/arandom instead. this allows the user to
+ * use their own source for good random data, but defaults
+ * to something hopefully decent if that isn't available.
+ */
+
+ if (!ok)
+ if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
+ return(NULL);
+ }
+ if (stat(buf,&sb) == -1)
+ if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
+ return(NULL);
+ }
+
+#endif
+ return(buf);
}
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
goto end;
}
- if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+ if (cipher == NULL && OPENSSL_issetugid() == 0)
+ cipher=getenv("SSL_CIPHER");
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
len += sizeof(prompt3) - 1;
prompt = (char *)OPENSSL_malloc(len + 1);
- strcpy(prompt, prompt1);
- strcat(prompt, object_desc);
+ BUF_strlcpy(prompt, prompt1, len + 1);
+ BUF_strlcat(prompt, object_desc, len + 1);
if (object_name)
{
- strcat(prompt, prompt2);
- strcat(prompt, object_name);
+ BUF_strlcat(prompt, prompt2, len + 1);
+ BUF_strlcat(prompt, object_name, len + 1);
}
- strcat(prompt, prompt3);
+ BUF_strlcat(prompt, prompt3, len + 1);
}
return prompt;
}
return -1;
}
- strcpy(uis->result_buf, result);
+ BUF_strlcpy(uis->result_buf, result,
+ uis->_.string_data.result_maxsize + 1);
break;
case UIT_BOOLEAN:
{
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
k=0;
for (;;)
{
- sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
- postfix,k);
+ char c = '/';
+#ifdef OPENSSL_SYS_VMS
+ char c = ctx->dirs[i][strlen(ctx->dirs[i])-1];
+ if (c != ':' && c != '>' && c != ']')
+ {
+ /* If no separator is present, we assume the
+ directory specifier is a logical name, and
+ add a colon. We really should use better
+ VMS routines for merging things like this,
+ but this will do for now...
+ -- Richard Levitte */
+ c = ':';
+ }
+ else
+ {
+ c = '\0';
+ }
+#endif
+ if (c == '\0')
+ {
+ /* This is special. When c == '\0', no
+ directory separator should be added. */
+ BIO_snprintf(b->data,b->max,
+ "%s%08lx.%s%d",ctx->dirs[i],h,
+ postfix,k);
+ }
+ else
+ {
+ BIO_snprintf(b->data,b->max,
+ "%s%c%08lx.%s%d",ctx->dirs[i],c,h,
+ postfix,k);
+ }
k++;
if (stat(b->data,&st) < 0)
break;
return("unhandled critical extension");
default:
- sprintf(buf,"error number %ld",n);
+ BIO_snprintf(buf,sizeof buf,"error number %ld",n);
return(buf);
}
}
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
X509V3_add_value("IP Address","<invalid>", &ret);
break;
}
- sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+ BIO_snprintf(oline, sizeof oline,
+ "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
X509V3_add_value("IP Address",oline, &ret);
break;
STACK_OF(CONF_VALUE) *ret)
{
ACCESS_DESCRIPTION *desc;
- int i;
+ int i,nlen;
char objtmp[80], *ntmp;
CONF_VALUE *vtmp;
for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
if(!ret) break;
vtmp = sk_CONF_VALUE_value(ret, i);
i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
- ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
+ nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
+ ntmp = OPENSSL_malloc(nlen);
if(!ntmp) {
X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
ERR_R_MALLOC_FAILURE);
return NULL;
}
- strcpy(ntmp, objtmp);
- strcat(ntmp, " - ");
- strcat(ntmp, vtmp->name);
+ BUF_strlcpy(ntmp, objtmp, nlen);
+ BUF_strlcat(ntmp, " - ", nlen);
+ BUF_strlcat(ntmp, vtmp->name, nlen);
OPENSSL_free(vtmp->name);
vtmp->name = ntmp;
L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
-L<s_server(1)|s_server(1)>, L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
+L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
+L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>
=head1 SYNOPSIS
B<openssl> B<s_client>
-[B<-connect> host:port>]
+[B<-connect host:port>]
[B<-verify depth>]
[B<-cert filename>]
[B<-key filename>]
If the handshake fails then there are several possible causes, if it is
nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> can be tried
+B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
in case it is a buggy server. In particular you should play with these
options B<before> submitting a bug report to an OpenSSL mailing list.
requests a certificate. By using B<s_client> the CA list can be viewed
and checked. However some servers only request client authentication
after a specific URL is requested. To obtain the list in this case it
-is necessary to use the B<-prexit> command and send an HTTP request
+is necessary to use the B<-prexit> option and send an HTTP request
for an appropriate page.
If a certificate is specified on the command line using the B<-cert>
=head1 NOTES
-A typical application will will call OpenSSL_add_all_algorithms() initially and
+A typical application will call OpenSSL_add_all_algorithms() initially and
EVP_cleanup() before exiting.
An application does not need to add algorithms to use them explicitly, for example
RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
DH_print_fp() are available in all versions of SSLeay and OpenSSL.
-DSAparams_print() and DSAparams_print_pf() were added in SSLeay 0.8.
+DSAparams_print() and DSAparams_print_fp() were added in SSLeay 0.8.
=cut
Read a certificate in PEM format from a BIO:
X509 *x;
- x = PEM_read_bio(bp, NULL, 0, NULL);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
if (x == NULL)
{
/* Error */
The PEM read routines in some versions of OpenSSL will not correctly reuse
an existing structure. Therefore the following:
- PEM_read_bio(bp, &x, 0, NULL);
+ PEM_read_bio_X509(bp, &x, 0, NULL);
where B<x> already contains a valid certificate, may not work, whereas:
X509_free(x);
- x = PEM_read_bio(bp, NULL, 0, NULL);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
is guaranteed to work.
void SSL_CTX_set_default_verify
/* This callback, if set, totaly overrides the normal SSLeay verification
- * functions and should return 1 on sucesss and 0 on failure */
+ * functions and should return 1 on success and 0 on failure */
void SSL_CTX_set_cert_verify_callback
/* The following are the same as the equivilent SSL_xxx functions.
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
#include <openssl/buffer.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include "cryptlib.h"
static SSL_METHOD *ssl2_get_client_method(int ver);
static int get_server_finished(SSL *s);
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
-#include "cryptlib.h"
int ssl2_enc_init(SSL *s, int client)
{
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
-#include "cryptlib.h"
static long ssl2_default_timeout(void );
const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
SSL_ALL_STRENGTHS,
},
/* IDEA_128_CBC_WITH_MD5 */
+#ifndef OPENSSL_NO_IDEA
{
1,
SSL2_TXT_IDEA_128_CBC_WITH_MD5,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
+#endif
/* DES_64_CBC_WITH_MD5 */
{
1,
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <errno.h>
-#include "cryptlib.h"
#define USE_SOCKETS
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include "cryptlib.h"
static SSL_METHOD *ssl2_get_server_method(int ver);
static int get_client_master_key(SSL *s);
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
-#include "cryptlib.h"
#include "../fips/fips_locl.h"
static SSL_METHOD *ssl3_get_client_method(int ver);
COMP_METHOD *comp;
const EVP_MD *m;
EVP_MD_CTX md;
- int exp,n,i,j,k,cl;
+ int is_exp,n,i,j,k,cl;
int reuse_dd = 0;
- exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
+ is_exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
c=s->s3->tmp.new_sym_enc;
m=s->s3->tmp.new_hash;
if (s->s3->tmp.new_compression == NULL)
p=s->s3->tmp.key_block;
i=EVP_MD_size(m);
cl=EVP_CIPHER_key_length(c);
- j=exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
- cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
- /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
+ j=is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
+ cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
+ /* Was j=(is_exp)?5:EVP_CIPHER_key_length(c); */
k=EVP_CIPHER_iv_length(c);
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
EVP_MD_CTX_init(&md);
memcpy(mac_secret,ms,i);
- if (exp)
+ if (is_exp)
{
/* In here I set both the read and write key/iv to the
* same value since only the correct one will be used :-).
SSL_ALL_STRENGTHS,
},
/* Cipher 07 */
+#ifndef OPENSSL_NO_IDEA
{
1,
SSL3_TXT_RSA_IDEA_128_SHA,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
+#endif
/* Cipher 08 */
{
1,
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
+#ifndef OPENSSL_NO_KRB5
#include <openssl/krb5_asn.h>
+#endif
#include <openssl/md5.h>
-#include "cryptlib.h"
#include "../fips/fips_locl.h"
static SSL_METHOD *ssl3_get_server_method(int ver);
#include <openssl/asn1_mac.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "cryptlib.h"
typedef struct ssl_session_asn1_st
{
{0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
+#ifndef OPENSSL_NO_IDEA
{0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
+#endif
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
EVP_get_cipherbyname(SN_rc4);
ssl_cipher_methods[SSL_ENC_RC2_IDX]=
EVP_get_cipherbyname(SN_rc2_cbc);
+#ifndef OPENSSL_NO_IDEA
ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
EVP_get_cipherbyname(SN_idea_cbc);
+#else
+ ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL;
+#endif
ssl_cipher_methods[SSL_ENC_AES128_IDX]=
EVP_get_cipherbyname(SN_aes_128_cbc);
ssl_cipher_methods[SSL_ENC_AES256_IDX]=
char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
{
int is_export,pkl,kl;
- char *ver,*exp;
+ char *ver,*exp_str;
char *kx,*au,*enc,*mac;
unsigned long alg,alg2,alg_s;
#ifdef KSSL_DEBUG
is_export=SSL_C_IS_EXPORT(cipher);
pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
kl=SSL_C_EXPORT_KEYLENGTH(cipher);
- exp=is_export?" export":"";
+ exp_str=is_export?" export":"";
if (alg & SSL_SSLV2)
ver="SSLv2";
return("Buffer too small");
#ifdef KSSL_DEBUG
- BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp,alg);
+ BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg);
#else
- BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
+ BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str);
#endif /* KSSL_DEBUG */
return(buf);
}
#include <openssl/objects.h>
#include <openssl/lhash.h>
#include <openssl/x509v3.h>
-#include "cryptlib.h"
#include "../fips/fips_locl.h"
const char *SSL_version_str=OPENSSL_VERSION_TEXT;
#include <openssl/lhash.h>
#include <openssl/rand.h>
#include "ssl_locl.h"
-#include "cryptlib.h"
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @@$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
generate: $(SRC)
$(SRC):
- @$(TOP)/util/point.sh dummytest.c $@
+ @sh $(TOP)/util/point.sh dummytest.c $@
errors:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
- @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @sh $(TOP)/util/point.sh Makefile.ssl Makefile
lint:
projects / oweals / openssl.git / commitdiff