Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) Add missing #ifndefs that caused missing symbols when building libssl
+ as a shared library without RSA. Use #ifndef NO_SSL2 instead of
+ NO_RSA in ssl/s2*.c.
+ [Kris Kennaway <kris@hub.freebsd.org>, modified by Ulf Möller]
+
*) Precautions against using the PRNG uninitialized: RAND_bytes() now
has a return value which indicates the quality of the random data
(1 = ok, 0 = not seeded). Also an error is recorded on the thread's
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
"debug-bodo", "gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -Wall -pedantic -Wall -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
"dist", "cc:-O::(unknown):::::",
# Basic configs that should work on any box
#include <openssl/err.h>
#include <openssl/ssl.h>
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
#undef PROG
#define PROG ciphers_main
#undef FIONBIO
#endif
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
#undef PROG
#define PROG s_client_main
#undef FIONBIO
#endif
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
#ifndef NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
#endif
#include <stdlib.h>
#include <string.h>
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
#ifdef NO_STDIO
#define APPS_WIN16
#endif
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
+#ifndef NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
+#endif
if (ver == SSL3_VERSION)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
{
char buf[8];
unsigned char *p;
- int i,ch_len;
+ int i;
int n;
n=ssl23_read_bytes(s,7);
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
+#ifdef NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3 setup and put in the
* sslv2 stuff. */
+ int ch_len;
if (s->options & SSL_OP_NO_SSLv2)
{
s->method=SSLv2_client_method();
s->handshake_func=s->method->ssl_connect;
+#endif
}
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&
static int ssl23_num_ciphers(void)
{
- return(ssl3_num_ciphers()+ssl2_num_ciphers());
+ return(ssl3_num_ciphers()
+#ifndef NO_SSL2
+ + ssl2_num_ciphers()
+#endif
+ );
}
static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
if (u < uu)
return(ssl3_get_cipher(u));
else
+#ifndef NO_SSL2
return(ssl2_get_cipher(u-uu));
+#else
+ return(NULL);
+#endif
}
/* This function needs to check if the ciphers required are actually
((unsigned long)p[1]<<8L)|(unsigned long)p[2];
c.id=id;
cp=ssl3_get_cipher_by_char(p);
+#ifndef NO_SSL2
if (cp == NULL)
cp=ssl2_get_cipher_by_char(p);
+#endif
return(cp);
}
int ssl23_get_client_hello(SSL *s);
static SSL_METHOD *ssl23_get_server_method(int ver)
{
+#ifndef NO_SSL2
if (ver == SSL2_VERSION)
return(SSLv2_server_method());
+#endif
if (ver == SSL3_VERSION)
return(SSLv3_server_method());
else if (ver == TLS1_VERSION)
if (type == 1)
{
+#ifdef NO_SSL2
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3/TLSv1 setup and put in the
* sslv2 stuff. */
s->method=SSLv2_server_method();
s->handshake_func=s->method->ssl_accept;
+#endif
}
if ((type == 2) || (type == 3))
* [including the GNU Public Licence.]
*/
-#ifndef NO_RSA
+#include "ssl_locl.h"
+#ifndef NO_SSL2
#include <stdio.h>
#include <openssl/rand.h>
#include <openssl/buffer.h>
#include <openssl/objects.h>
-#include "ssl_locl.h"
#include <openssl/evp.h>
static SSL_METHOD *ssl2_get_client_method(int ver);
EVP_PKEY_free(pkey);
return(i);
}
-#else /* !NO_RSA */
+#else /* !NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;
* [including the GNU Public Licence.]
*/
-#include <stdio.h>
#include "ssl_locl.h"
+#ifndef NO_SSL2
+#include <stdio.h>
int ssl2_enc_init(SSL *s, int client)
{
EVP_DigestFinal(&c,md,NULL);
/* some would say I should zero the md context */
}
+#else /* !NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+#endif
* [including the GNU Public Licence.]
*/
-#ifndef NO_RSA
+#include "ssl_locl.h"
+#ifndef NO_SSL2
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/md5.h>
-#include "ssl_locl.h"
static long ssl2_default_timeout(void );
const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
return(1);
}
-#else /* !NO_RSA */
+#else /* !NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;
* [including the GNU Public Licence.]
*/
-#ifndef NO_RSA
+#include "ssl_locl.h"
+#ifndef NO_SSL2
#include <stdio.h>
#include <openssl/objects.h>
-#include "ssl_locl.h"
static SSL_METHOD *ssl2_get_method(int ver);
static SSL_METHOD *ssl2_get_method(int ver)
}
return(&SSLv2_data);
}
-#else /* !NO_RSA */
+#else /* !NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;
* [including the GNU Public Licence.]
*/
+#include "ssl_locl.h"
+#ifndef NO_SSL2
#include <stdio.h>
#include <errno.h>
#define USE_SOCKETS
-#include "ssl_locl.h"
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
}
return(ret);
}
+#else /* !NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
+#endif
* [including the GNU Public Licence.]
*/
-#ifndef NO_RSA
+#include "ssl_locl.h"
+#ifndef NO_SSL2
#include <stdio.h>
#include <openssl/bio.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
-#include "ssl_locl.h"
#include <openssl/evp.h>
static SSL_METHOD *ssl2_get_server_method(int ver);
SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
return(i);
}
-#else /* !NO_RSA */
+#else /* !NO_SSL2 */
# if PEDANTIC
static void *dummy=&dummy;
#include <openssl/pem.h>
#include <openssl/x509.h>
+#if defined(NO_RSA) && !defined(NO_SSL2)
+#define NO_SSL2
+#endif
+
#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
#include "../crypto/bio/bss_file.c"
#endif
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
#ifdef VMS
# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
projects / oweals / openssl.git / commitdiff