Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
+ *) Change the default configuration reader to deal with last line not
+ being properly terminated.
+ [Richard Levitte]
+
*) Change X509_NAME_cmp() so it applies the special rules on handling
DN values that are of type PrintableString, as well as RDNs of type
emailAddress where the value has the type ia5String.
"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DBIO_PAIR_DEBUG -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:::::::::::dlfcn",
+"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:-ldl:::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"dist", "cc:-O::(unknown):::::",
# Basic configs that should work on any (32 and less bit) box
"aix-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown)::BN_LLONG RC4_CHAR:::",
"aix-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR:::",
"aix43-cc", "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
-"aix43-gcc", "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
+"aix43-gcc", "gcc:-O1 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
#
# Cray T90 and similar (SDSC)
# Cygwin
"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32:cygwin-shared:::.dll",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -march=486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32:cygwin-shared:::.dll",
# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
"ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown)::::::",
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
"darwin-ppc-cc","cc:-O3 -D_DARWIN -DB_ENDIAN -fno-common::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+##### A/UX
+"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
+
##### Sony NEWS-OS 4.x
"newsos4-gcc","gcc:-O -DB_ENDIAN -DNEWS4::(unknown):-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
##### VxWorks for various targets
"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DVXWORKS -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::-r:::::",
+##### Compaq Non-Stop Kernel (Tandem)
+"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown)::THIRTY_TWO_BIT:::",
+
);
my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32
my $target;
my $options;
my $symlink;
+my $make_depend=0;
my @argvcopy=@ARGV;
my $argvstring="";
EOF
close(OUT);
} else {
- (system "make -f Makefile.ssl PERL=\'$perl\' links") == 0 or exit $?
- if $symlink;
- ### (system 'make depend') == 0 or exit $? if $depflags ne "";
- # Run "make depend" manually if you want to be able to delete
- # the source code files of ciphers you left out.
+ my $make_command = "make -f Makefile.ssl PERL=\'$perl\'";
+ my $make_targets = "";
+ $make_targets .= " links" if $symlink;
+ $make_targets .= " depend" if $depflags ne "" && $make_depend;
+ $make_targets .= " gentests" if $symlink;
+ (system $make_command.$make_targets) == 0 or exit $?
+ if $make_targets ne "";
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("apps/der_chop",$perl,'^#!/', '#!%s');
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
+ }
+ if ($depflags ne "" && !$make_depend) {
+ print <<EOF;
+
+Since you've disabled at least one algorithm, you need to do the following
+before building:
+
+ make depend
+EOF
}
}
* Where can I get a compiled version of OpenSSL?
* Why aren't tools like 'autoconf' and 'libtool' used?
* What is an 'engine' version?
+* How do I check the authenticity of the OpenSSL distribution?
[LEGAL] Legal questions
version 0.9.7 (not yet released) the changes were merged into the main
development line, so that the special release is no longer necessary.
+* How do I check the authenticity of the OpenSSL distribution?
+
+We provide MD5 digests and ASC signatures of each tarball.
+Use MD5 to check that a tarball from a mirror site is identical:
+
+ md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
+
+You can check authenticity using pgp or gpg. You need the OpenSSL team
+member public key used to sign it (download it from a key server). Then
+just do:
+
+ pgp TARBALL.asc
+
[LEGAL] =======================================================================
* Do I need patent licenses to use OpenSSL?
// Send some bytes
-int MacSocket_send(const int inSocketNum,void *inBuff,int inBuffLength)
+int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength)
{
OSErr errCode = noErr;
int bytesSent = 0;
}
}
}
-*/
\ No newline at end of file
+*/
// Call this to send data on a socket
-int MacSocket_send(const int inSocketNum,void *inBuff,int inBuffLength);
+int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength);
// If zero bytes were read in a call to MacSocket_recv(), it may be that the remote end has done a half-close
fi; \
done;
+gentests:
+ @(cd test && echo "generating dummy tests (if needed)..." && \
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
+
dclean:
rm -f *.bak
@for i in $(DIRS) ;\
*** Cygwin
$cc = gcc
-$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -m486 -Wall
+$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -march=486 -Wall
$unistd =
$thread_cflag =
$lflags =
*** aix43-gcc
$cc = gcc
-$cflags = -O3 -DAIX -DB_ENDIAN
+$cflags = -O1 -DAIX -DB_ENDIAN
$unistd =
$thread_cflag = (unknown)
$lflags =
$shared_extension = .so
$ranlib =
+*** aux3-gcc
+$cc = gcc
+$cflags = -O2 -DTERMIO
+$unistd =
+$thread_cflag = (unknown)
+$lflags = -lbsd
+$bn_ops = RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+
*** bsdi-elf-gcc
$cc = gcc
$cflags = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
-$shared_target=
-$shared_cflag =
+$shared_target= linux-shared
+$shared_cflag = -fPIC
$shared_ldflag =
-$shared_extension =
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
$ranlib =
*** debug-linux-elf
$shared_extension =
$ranlib =
+*** tandem-c89
+$cc = c89
+$cflags = -Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN
+$unistd =
+$thread_cflag = (unknown)
+$lflags =
+$bn_ops = THIRTY_TWO_BIT
+$bn_obj =
+$des_obj =
+$bf_obj =
+$md5_obj =
+$sha1_obj =
+$cast_obj =
+$rc4_obj =
+$rmd160_obj =
+$rc5_obj =
+$dso_scheme =
+$shared_target=
+$shared_cflag =
+$shared_ldflag =
+$shared_extension =
+$ranlib =
+
*** ultrix-cc
$cc = cc
$cflags = -std1 -O -Olimit 1000 -DL_ENDIAN
*CRAY*)
echo "j90-cray-unicos"; exit 0;
;;
+
+ NONSTOP_KERNEL*)
+ echo "nsr-tandem-nsk"; exit 0;
+ ;;
esac
#
*-*-cygwin) OUT="Cygwin" ;;
t3e-cray-unicosmk) OUT="cray-t3e" ;;
j90-cray-unicos) OUT="cray-j90" ;;
+ nsr-tandem-nsk) OUT="tandem-c89" ;;
*) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
esac
section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
bufnum=0;
+ again=0;
for (;;)
{
- again=0;
if (!BUF_MEM_grow(buff,bufnum+BUFSIZE))
{
CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
BIO_gets(in, p, BUFSIZE-1);
p[BUFSIZE-1]='\0';
ii=i=strlen(p);
- if (i == 0) break;
+ if (i == 0 && !again) break;
+ again=0;
while (i > 0)
{
if ((p[i-1] != '\r') && (p[i-1] != '\n'))
}
/* we removed some trailing stuff so there is a new
* line on the end. */
- if (i == ii)
+ if (ii && i == ii)
again=1; /* long line */
else
{
void OpenSSL_add_all_ciphers(void)
{
- static int done=0;
-
- if (done) return;
- done=1;
#ifndef NO_DES
EVP_add_cipher(EVP_des_cfb());
EVP_add_cipher(EVP_des_ede_cfb());
void OpenSSL_add_all_digests(void)
{
- static int done=0;
-
- if (done) return;
- done=1;
#ifndef NO_MD2
EVP_add_digest(EVP_md2());
#endif
* at random times on Windows 2000. Reported by Jeffrey Altman.
* Only use it on NT.
*/
+ /* Wolfgang Marczy <WMarczy@topcall.co.at> reports that
+ * the RegQueryValueEx call below can hang on NT4.0 (SP6).
+ * So we don't use this at all for now. */
+#if 0
if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
osverinfo.dwMajorVersion < 5)
{
{
/* For entropy count assume only least significant
* byte of each DWORD is random.
- */
+ */
RAND_add(&length, sizeof(length), 0);
RAND_add(buf, length, length / 4.0);
+
+ /* Close the Registry Key to allow Windows to cleanup/close
+ * the open handle
+ * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened
+ * when the RegQueryValueEx above is done. However, if
+ * it is not explicitly closed, it can cause disk
+ * partition manipulation problems.
+ */
+ RegCloseKey(HKEY_PERFORMANCE_DATA);
}
if (buf)
free(buf);
}
+#endif
if (advapi)
{
hlist.th32ProcessID,
hlist.th32HeapID))
{
- int entrycnt = 50;
+ int entrycnt = 80;
do
RAND_add(&hentry,
hentry.dwSize, 5);
#include <stdlib.h>
#include <string.h>
+#include "openssl/e_os.h"
+
#ifdef VMS
#include <unixio.h>
#endif
# include <sys/stat.h>
#endif
-#include "openssl/e_os.h"
#include <openssl/crypto.h>
#include <openssl/rand.h>
long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));
-The same as L<"SSL_CTX_set_tmp_rsa_callback">, except it operates on an SSL
+The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL
session instead of a context.
=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
-\r
+@echo off\r
echo start testenc\r
-echo=off\r
+\r
path=..\ms;%path%\r
set ssleay=%1%\r
set input=..\ms\testenc.bat\r
-echo=off\r
+@echo off\r
set ssleay=%1%\r
set tmp1=pem.out\r
set cmp=fc.exe\r
-echo=on\r
+@echo off\r
\r
rem set ssleay=..\out\ssleay\r
set ssleay=%1\r
all: exe
-exe: $(EXE)
+exe: $(EXE) dummytest
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@@$(TOP)/util/point.sh Makefile.ssl Makefile
+generate: $(SRC)
+$(SRC):
+ @$(TOP)/util/point.sh dummytest.c $@
+
errors:
install:
$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
$(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+dummytest: dummytest.o $(DLIBCRYPTO)
+ $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
# DO NOT DELETE THIS LINE -- make depend depends on it.
bftest.o: ../include/openssl/blowfish.h
p = strrchr(argv[0], '/');
if (!p) p = strrchr(argv[0], '\\');
-#ifdef OPENSSL_SYS_VMS
+#ifdef VMS
if (!p) p = strrchr(argv[0], ']');
if (p) q = strrchr(p, '>');
if (q) p = q;
get_openssl_version
+make depend || exit 1
+
make || exit 1
base_install
EVP_des_ede_ofb 309 EXIST::FUNCTION:DES
EVP_des_ofb 310 EXIST::FUNCTION:DES
EVP_desx_cbc 311 EXIST::FUNCTION:DES
-EVP_dss 312 EXIST::FUNCTION:SHA,DSA
-EVP_dss1 313 EXIST::FUNCTION:SHA,DSA
+EVP_dss 312 EXIST::FUNCTION:DSA,SHA
+EVP_dss1 313 EXIST::FUNCTION:DSA,SHA
EVP_enc_null 314 EXIST::FUNCTION:
EVP_get_cipherbyname 315 EXIST::FUNCTION:
EVP_get_digestbyname 316 EXIST::FUNCTION:
str_dup 1240 NOEXIST::FUNCTION:
i2s_ASN1_ENUMERATED 1241 EXIST::FUNCTION:
i2s_ASN1_ENUMERATED_TABLE 1242 EXIST::FUNCTION:
-BIO_s_log 1243 EXIST:!WIN16,!WIN32,!macintosh:FUNCTION:
+BIO_s_log 1243 EXIST:!WIN32,!macintosh,!WIN16:FUNCTION:
BIO_f_reliable 1244 EXIST::FUNCTION:
PKCS7_dataFinal 1245 EXIST::FUNCTION:
PKCS7_dataDecode 1246 EXIST::FUNCTION:
projects / oweals / openssl.git / commitdiff