From 10fdd8d5fd409843d2082ec9e0734fdd2065333e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 18 Dec 2003 19:26:40 +0000 Subject: [PATCH] I haven't merged from 0.9.7-stable in a loooong time. It shows :-). --- CHANGES | 3 + apps/apps.c | 4 +- apps/req.c | 2 +- apps/speed.c | 6 ++ crypto/Makefile.ssl | 4 +- crypto/asn1/a_strex.c | 2 +- crypto/bf/Makefile.ssl | 1 + crypto/bio/b_print.c | 6 +- crypto/bn/asm/bn-586.pl | 2 +- crypto/cast/Makefile.ssl | 1 + crypto/conf/conf_mod.c | 4 +- crypto/des/Makefile.ssl | 1 + crypto/engine/eng_fat.c | 6 +- crypto/engine/engine.h | 27 +++++---- crypto/engine/hw_cryptodev.c | 5 +- crypto/evp/evp_enc.c | 14 ++++- crypto/mem.c | 8 +-- crypto/rc4/Makefile.ssl | 1 + crypto/rc5/Makefile.ssl | 1 + crypto/ripemd/Makefile.ssl | 1 + crypto/sha/Makefile.ssl | 1 + crypto/x509/x509.h | 4 -- crypto/x509/x509type.c | 2 +- crypto/x509v3/v3_crld.c | 2 +- doc/crypto/BIO_f_ssl.pod | 6 +- doc/crypto/d2i_DSAPublicKey.pod | 5 +- doc/crypto/d2i_RSAPublicKey.pod | 5 +- doc/ssl/SSL_COMP_add_compression_method.pod | 4 +- os2/OS2-EMX.cmd | 36 +++++++++++ ssl/Makefile.ssl | 4 +- ssl/s3_clnt.c | 4 +- ssl/ssl.h | 4 +- ssl/ssl_cert.c | 12 ++-- ssl/ssl_ciph.c | 67 +++++++++++---------- util/mk1mf.pl | 2 + util/mkdef.pl | 38 ++++++++++-- util/pl/OS2-EMX.pl | 42 +++++++------ 37 files changed, 219 insertions(+), 118 deletions(-) diff --git a/CHANGES b/CHANGES index 0d8d08cd80..9504c46e7e 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 0.9.7c and 0.9.7d [xx XXX XXXX] + *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). + [Peter Sylvester ] + *) Use the correct content when signing type "other". [Steve Henson] diff --git a/apps/apps.c b/apps/apps.c index e4db043003..2a7c7f25a2 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -475,7 +475,7 @@ static int ui_read(UI *ui, UI_STRING *uis) { const char *password = ((PW_CB_DATA *)UI_get0_user_data(ui))->password; - if (password[0] != '\0') + if (password && password[0] != '\0') { UI_set_result(ui, uis, password); return 1; @@ -499,7 +499,7 @@ static int ui_write(UI *ui, UI_STRING *uis) { const char *password = ((PW_CB_DATA *)UI_get0_user_data(ui))->password; - if (password[0] != '\0') + if (password && password[0] != '\0') return 1; } default: diff --git a/apps/req.c b/apps/req.c index 5f6ec3d339..a657eaa50b 100644 --- a/apps/req.c +++ b/apps/req.c @@ -824,7 +824,7 @@ loop: if ((x509ss=X509_new()) == NULL) goto end; /* Set version to V3 */ - if(!X509_set_version(x509ss, 2)) goto end; + if(extensions && !X509_set_version(x509ss, 2)) goto end; if (serial) { if (!X509_set_serialNumber(x509ss, serial)) goto end; diff --git a/apps/speed.c b/apps/speed.c index ec55b4188c..18ce5c3fb6 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1006,6 +1006,9 @@ int MAIN(int argc, char **argv) c[D_CBC_RC5][0]=count; c[D_CBC_BF][0]=count; c[D_CBC_CAST][0]=count; + c[D_CBC_128_AES][0]=count; + c[D_CBC_192_AES][0]=count; + c[D_CBC_256_AES][0]=count; for (i=1; imem_fns.malloc_cb, \ - fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ - return 0; \ - CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ - CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ - CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ - CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ - CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ - if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ - return 0; \ - if(!ERR_set_implementation(fns->err_fns)) return 0; \ + if (ERR_get_implementation() != fns->err_fns) \ + { \ + if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ + fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ + return 0; \ + CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ + CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ + CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ + CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ + CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ + if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ + return 0; \ + if(!ERR_set_implementation(fns->err_fns)) return 0; \ + } \ if(!fn(e,id)) return 0; \ return 1; } diff --git a/crypto/engine/hw_cryptodev.c b/crypto/engine/hw_cryptodev.c index b0ac5fb04a..be80890ece 100644 --- a/crypto/engine/hw_cryptodev.c +++ b/crypto/engine/hw_cryptodev.c @@ -1058,14 +1058,17 @@ ENGINE_load_cryptodev(void) if (engine == NULL) return; - if ((fd = get_dev_crypto()) < 0) + if ((fd = get_dev_crypto()) < 0) { + ENGINE_free(engine); return; + } /* * find out what asymmetric crypto algorithms we support */ if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { close(fd); + ENGINE_free(engine); return; } close(fd); diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index be0758a879..8ea5aa935d 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -148,7 +148,19 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp #endif ctx->cipher=cipher; - ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); + if (ctx->cipher->ctx_size) + { + ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); + if (!ctx->cipher_data) + { + EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE); + return 0; + } + } + else + { + ctx->cipher_data = NULL; + } ctx->key_len = cipher->key_len; ctx->flags = 0; if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) diff --git a/crypto/mem.c b/crypto/mem.c index bb862db499..dd86733b77 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -252,7 +252,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) void *ret = NULL; extern unsigned char cleanse_ctr; - if (num < 0) return NULL; + if (num <= 0) return NULL; allow_customize = 0; if (malloc_debug_func != NULL) @@ -293,7 +293,7 @@ void *CRYPTO_malloc(int num, const char *file, int line) void *ret = NULL; extern unsigned char cleanse_ctr; - if (num < 0) return NULL; + if (num <= 0) return NULL; allow_customize = 0; if (malloc_debug_func != NULL) @@ -324,7 +324,7 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) if (str == NULL) return CRYPTO_malloc(num, file, line); - if (num < 0) return NULL; + if (num <= 0) return NULL; if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); @@ -346,7 +346,7 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, if (str == NULL) return CRYPTO_malloc(num, file, line); - if (num < 0) return NULL; + if (num <= 0) return NULL; if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl index b210b42f8f..59c87f166a 100644 --- a/crypto/rc4/Makefile.ssl +++ b/crypto/rc4/Makefile.ssl @@ -25,6 +25,7 @@ RC4_ENC=rc4_enc.o #RC4_ENC=asm/rx86bdsi.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=rc4test.c diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl index 3ad6655946..e7af80f0c0 100644 --- a/crypto/rc5/Makefile.ssl +++ b/crypto/rc5/Makefile.ssl @@ -22,6 +22,7 @@ RC5_ENC= rc5_enc.o #DES_ENC= r586-elf.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=rc5test.c diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl index 703e99056a..b333edc522 100644 --- a/crypto/ripemd/Makefile.ssl +++ b/crypto/ripemd/Makefile.ssl @@ -20,6 +20,7 @@ AR= ar r RIP_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=rmdtest.c diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl index 55dca66e40..dbd41e6065 100644 --- a/crypto/sha/Makefile.ssl +++ b/crypto/sha/Makefile.ssl @@ -20,6 +20,7 @@ AR= ar r SHA1_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=shatest.c sha1test.c diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index eaad5685a8..8d0c7e2e17 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -810,10 +810,6 @@ X509_REQ *X509_REQ_dup(X509_REQ *req); X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); X509_NAME *X509_NAME_dup(X509_NAME *xn); X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); -#ifndef OPENSSL_NO_RSA -RSA *RSAPublicKey_dup(RSA *rsa); -RSA *RSAPrivateKey_dup(RSA *rsa); -#endif #endif /* !SSLEAY_MACROS */ diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c index f78c2a6b43..c25959a742 100644 --- a/crypto/x509/x509type.c +++ b/crypto/x509/x509type.c @@ -106,7 +106,7 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) break; } - if (EVP_PKEY_size(pk) <= 512/8) /* /8 because it's 512 bits we look + if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look for, not bytes */ ret|=EVP_PKT_EXP; if(pkey==NULL) EVP_PKEY_free(pk); diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c index 894a8b94d8..f90829c574 100644 --- a/crypto/x509v3/v3_crld.c +++ b/crypto/x509v3/v3_crld.c @@ -156,7 +156,7 @@ ASN1_SEQUENCE(DIST_POINT) = { IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT) ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = - ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT) + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT) ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS) IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS) diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod index a56ee2b92f..f0b731731f 100644 --- a/doc/crypto/BIO_f_ssl.pod +++ b/doc/crypto/BIO_f_ssl.pod @@ -287,8 +287,8 @@ a client and also echoes the request to standard output. return 0; } - BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/html\r\n\r\n"); - BIO_puts(sbio, "
\r\nConnection Established\r\nRequest headers:\r\n");
+ BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n");
+ BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n");
  BIO_puts(sbio, "--------------------------------------------------\r\n");
 
  for(;;) {
@@ -301,7 +301,7 @@ a client and also echoes the request to standard output.
  }
 
  BIO_puts(sbio, "--------------------------------------------------\r\n");
- BIO_puts(sbio, "
\r\n"); + BIO_puts(sbio, "\r\n"); /* Since there is a buffering BIO present we had better flush it */ BIO_flush(sbio); diff --git a/doc/crypto/d2i_DSAPublicKey.pod b/doc/crypto/d2i_DSAPublicKey.pod index 6ebd30427b..22c1b50f22 100644 --- a/doc/crypto/d2i_DSAPublicKey.pod +++ b/doc/crypto/d2i_DSAPublicKey.pod @@ -9,6 +9,7 @@ and parsing functions. =head1 SYNOPSIS #include + #include DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); @@ -35,8 +36,8 @@ and parsing functions. d2i_DSAPublicKey() and i2d_DSAPublicKey() decode and encode the DSA public key components structure. -d2i_DSA_PUKEY() and i2d_DSA_PUKEY() decode and encode an DSA public key using a -SubjectPublicKeyInfo (certificate public key) structure. +d2i_DSA_PUBKEY() and i2d_DSA_PUBKEY() decode and encode an DSA public key using +a SubjectPublicKeyInfo (certificate public key) structure. d2i_DSAPrivateKey(), i2d_DSAPrivateKey() decode and encode the DSA private key components. diff --git a/doc/crypto/d2i_RSAPublicKey.pod b/doc/crypto/d2i_RSAPublicKey.pod index 7c71bcbf3d..279b29c873 100644 --- a/doc/crypto/d2i_RSAPublicKey.pod +++ b/doc/crypto/d2i_RSAPublicKey.pod @@ -9,6 +9,7 @@ d2i_Netscape_RSA - RSA public and private key encoding functions. =head1 SYNOPSIS #include + #include RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); @@ -31,8 +32,8 @@ d2i_Netscape_RSA - RSA public and private key encoding functions. d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey structure. -d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a -SubjectPublicKeyInfo (certificate public key) structure. +d2i_RSA_PUBKEY() and i2d_RSA_PUBKEY() decode and encode an RSA public key using +a SubjectPublicKeyInfo (certificate public key) structure. d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey structure. diff --git a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod index 2a98739114..42fa66b197 100644 --- a/doc/ssl/SSL_COMP_add_compression_method.pod +++ b/doc/ssl/SSL_COMP_add_compression_method.pod @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may return the following values: =over 4 -=item 1 +=item 0 The operation succeeded. -=item 0 +=item 1 The operation failed. Check the error queue to find out the reason. diff --git a/os2/OS2-EMX.cmd b/os2/OS2-EMX.cmd index acab99ac39..5924b50b6d 100644 --- a/os2/OS2-EMX.cmd +++ b/os2/OS2-EMX.cmd @@ -64,3 +64,39 @@ echo RC5\32 cd crypto\rc5\asm perl rc5-586.pl a.out > r5-os2.asm cd ..\..\.. + +cd os2 + +if exist noname\backward_ssl.def goto nomkdir +mkdir noname +:nomkdir + +perl backwardify.pl crypto.def >backward_crypto.def +perl backwardify.pl ssl.def >backward_ssl.def +perl backwardify.pl -noname crypto.def >noname\backward_crypto.def +perl backwardify.pl -noname ssl.def >noname\backward_ssl.def + +echo Creating backward compatibility forwarder dlls: +echo crypto.dll +gcc -Zomf -Zdll -Zcrtdll -o crypto.dll backward_crypto.def 2>&1 | grep -v L4085 +echo ssl.dll +gcc -Zomf -Zdll -Zcrtdll -o ssl.dll backward_ssl.def 2>&1 | grep -v L4085 + +echo Creating smaller backward compatibility forwarder dlls: +echo These DLLs are not good for runtime resolution of symbols. +echo noname\crypto.dll +gcc -Zomf -Zdll -Zcrtdll -o noname/crypto.dll noname/backward_crypto.def 2>&1 | grep -v L4085 +echo noname\ssl.dll +gcc -Zomf -Zdll -Zcrtdll -o noname/ssl.dll noname/backward_ssl.def 2>&1 | grep -v L4085 + +echo Compressing forwarders (it is ok if lxlite is not found): +lxlite *.dll noname/*.dll + +cd .. + +echo Now run: +echo For static build: +echo make -f OS2-EMX.mak +echo For dynamic build: +echo make -f OS2-EMX-DLL.mak +echo then rename crypto.dll to cryptssl.dll, ssl.dll to open_ssl.dll diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl index 5e428bb57f..e7b2a2947f 100644 --- a/ssl/Makefile.ssl +++ b/ssl/Makefile.ssl @@ -55,14 +55,14 @@ ALL= $(GENERAL) $(SRC) $(HEADER) top: (cd ..; $(MAKE) DIRS=$(DIR) all) -all: lib shared +all: shared lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -shared: +shared: lib if [ -n "$(SHARED_LIBS)" ]; then \ (cd ..; $(MAKE) $(SHARED_LIB)); \ fi diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index e4bb5e3f8b..1316dacfe2 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1957,7 +1957,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s) if (algs & SSL_kRSA) { if (rsa == NULL - || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) + || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) { SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY); goto f_err; @@ -1969,7 +1969,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s) if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) { if (dh == NULL - || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) + || DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) { SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY); goto f_err; diff --git a/ssl/ssl.h b/ssl/ssl.h index 4ae8458259..913bd40eea 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1357,8 +1357,8 @@ const char *SSL_alert_type_string(int value); const char *SSL_alert_desc_string_long(int value); const char *SSL_alert_desc_string(int value); -void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list); -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list); +void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list); +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s); STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s); int SSL_add_client_CA(SSL *ssl,X509 *x); diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 38a458f9b8..127b86a21e 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -514,12 +514,12 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk) return(i); } -static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list) +static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *name_list) { if (*ca_list != NULL) sk_X509_NAME_pop_free(*ca_list,X509_NAME_free); - *ca_list=list; + *ca_list=name_list; } STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) @@ -541,14 +541,14 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) return(ret); } -void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list) +void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *name_list) { - set_client_CA_list(&(s->client_CA),list); + set_client_CA_list(&(s->client_CA),name_list); } -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list) +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *name_list) { - set_client_CA_list(&(ctx->client_CA),list); + set_client_CA_list(&(ctx->client_CA),name_list); } STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx) diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 585c70e4b3..8fc0d3e1b8 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -334,10 +334,10 @@ static unsigned long ssl_cipher_get_disabled(void) } static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, - int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list, + int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { - int i, list_num; + int i, co_list_num; SSL_CIPHER *c; /* @@ -348,18 +348,18 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, */ /* Get the initial list of ciphers */ - list_num = 0; /* actual count of ciphers */ + co_list_num = 0; /* actual count of ciphers */ for (i = 0; i < num_of_ciphers; i++) { c = ssl_method->get_cipher(i); /* drop those that use any of that is not available */ if ((c != NULL) && c->valid && !(c->algorithms & mask)) { - list[list_num].cipher = c; - list[list_num].next = NULL; - list[list_num].prev = NULL; - list[list_num].active = 0; - list_num++; + co_list[co_list_num].cipher = c; + co_list[co_list_num].next = NULL; + co_list[co_list_num].prev = NULL; + co_list[co_list_num].active = 0; + co_list_num++; #ifdef KSSL_DEBUG printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms); #endif /* KSSL_DEBUG */ @@ -372,18 +372,18 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, /* * Prepare linked list from list entries */ - for (i = 1; i < list_num - 1; i++) + for (i = 1; i < co_list_num - 1; i++) { - list[i].prev = &(list[i-1]); - list[i].next = &(list[i+1]); + co_list[i].prev = &(co_list[i-1]); + co_list[i].next = &(co_list[i+1]); } - if (list_num > 0) + if (co_list_num > 0) { - (*head_p) = &(list[0]); + (*head_p) = &(co_list[0]); (*head_p)->prev = NULL; - (*head_p)->next = &(list[1]); - (*tail_p) = &(list[list_num - 1]); - (*tail_p)->prev = &(list[list_num - 2]); + (*head_p)->next = &(co_list[1]); + (*tail_p) = &(co_list[co_list_num - 1]); + (*tail_p)->prev = &(co_list[co_list_num - 2]); (*tail_p)->next = NULL; } } @@ -429,7 +429,7 @@ static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list, static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask, unsigned long algo_strength, unsigned long mask_strength, - int rule, int strength_bits, CIPHER_ORDER *list, + int rule, int strength_bits, CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2; @@ -524,8 +524,9 @@ static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask, *tail_p = tail; } -static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p, - CIPHER_ORDER **tail_p) +static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list, + CIPHER_ORDER **head_p, + CIPHER_ORDER **tail_p) { int max_strength_bits, i, *number_uses; CIPHER_ORDER *curr; @@ -570,14 +571,14 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p, for (i = max_strength_bits; i >= 0; i--) if (number_uses[i] > 0) ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i, - list, head_p, tail_p); + co_list, head_p, tail_p); OPENSSL_free(number_uses); return(1); } static int ssl_cipher_process_rulestr(const char *rule_str, - CIPHER_ORDER *list, CIPHER_ORDER **head_p, + CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list) { unsigned long algorithms, mask, algo_strength, mask_strength; @@ -702,7 +703,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str, ok = 0; if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8)) - ok = ssl_cipher_strength_sort(list, + ok = ssl_cipher_strength_sort(co_list, head_p, tail_p); else SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, @@ -722,7 +723,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str, { ssl_cipher_apply_rule(algorithms, mask, algo_strength, mask_strength, rule, -1, - list, head_p, tail_p); + co_list, head_p, tail_p); } else { @@ -744,7 +745,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, unsigned long disabled_mask; STACK_OF(SSL_CIPHER) *cipherstack; const char *rule_p; - CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr; + CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; SSL_CIPHER **ca_list = NULL; /* @@ -774,15 +775,15 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, #ifdef KSSL_DEBUG printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); #endif /* KSSL_DEBUG */ - list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); - if (list == NULL) + co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); + if (co_list == NULL) { SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); return(NULL); /* Failure */ } ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask, - list, &head, &tail); + co_list, &head, &tail); /* * We also need cipher aliases for selecting based on the rule_str. @@ -798,7 +799,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); if (ca_list == NULL) { - OPENSSL_free(list); + OPENSSL_free(co_list); SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); return(NULL); /* Failure */ } @@ -814,21 +815,21 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, if (strncmp(rule_str,"DEFAULT",7) == 0) { ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, - list, &head, &tail, ca_list); + co_list, &head, &tail, ca_list); rule_p += 7; if (*rule_p == ':') rule_p++; } if (ok && (strlen(rule_p) > 0)) - ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail, + ok = ssl_cipher_process_rulestr(rule_p, co_list, &head, &tail, ca_list); OPENSSL_free(ca_list); /* Not needed anymore */ if (!ok) { /* Rule processing failure */ - OPENSSL_free(list); + OPENSSL_free(co_list); return(NULL); } /* @@ -837,7 +838,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, */ if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { - OPENSSL_free(list); + OPENSSL_free(co_list); return(NULL); } @@ -855,7 +856,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, #endif } } - OPENSSL_free(list); /* Not needed any longer */ + OPENSSL_free(co_list); /* Not needed any longer */ /* * The following passage is a little bit odd. If pointer variables diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 2b7c5650ee..44c07550c6 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -278,6 +278,8 @@ $defs= <<"EOF"; EOF +$defs .= $preamble if defined $preamble; + if ($platform eq "VC-CE") { $defs.= <<"EOF"; diff --git a/util/mkdef.pl b/util/mkdef.pl index cdd2164c4e..01a1bfda19 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -1116,27 +1116,55 @@ sub print_test_file } } +sub get_version { + local *MF; + my $v = '?'; + open MF, 'Makefile.ssl' or return $v; + while () { + $v = $1, last if /^VERSION=(.*?)\s*$/; + } + close MF; + return $v; +} + sub print_def_file { (*OUT,my $name,*nums,my @symbols)=@_; my $n = 1; my @e; my @r; my @v; my $prev=""; my $liboptions=""; + my $libname = $name; + my $http_vendor = 'www.openssl.org/'; + my $version = get_version(); + my $what = "OpenSSL: implementation of Secure Socket Layer"; + my $description = "$what $version, $name - http://$http_vendor"; if ($W32) - { $name.="32"; } + { $libname.="32"; } elsif ($W16) - { $name.="16"; } + { $libname.="16"; } elsif ($OS2) - { $liboptions = "INITINSTANCE\nDATA NONSHARED"; } + { # DLL names should not clash on the whole system. + # However, they should not have any particular relationship + # to the name of the static library. Chose descriptive names + # (must be at most 8 chars). + my %translate = (ssl => 'open_ssl', crypto => 'cryptssl'); + $libname = $translate{$name} || $name; + $liboptions = <