From 5209202f3bb5652808b7315a749ff6943e8c1ef9 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 10 Oct 2000 08:40:05 +0000 Subject: [PATCH] Merge from main trunk, all conflicts resolved. --- CHANGES | 25 +++++ Configure | 8 +- Makefile.org | 7 +- README | 2 +- STATUS | 3 +- apps/apps.c | 57 ++++++++-- apps/apps.h | 1 + apps/req.c | 20 +++- apps/x509.c | 10 +- crypto/Makefile.ssl | 3 +- crypto/asn1/Makefile.ssl | 3 +- crypto/asn1/a_strex.c | 12 ++ crypto/asn1/a_strnid.c | 2 +- crypto/asn1/t_x509.c | 213 +++++++++++++++++++++++------------- crypto/bf/Makefile.ssl | 3 +- crypto/bio/Makefile.ssl | 3 +- crypto/bio/b_sock.c | 6 +- crypto/bn/Makefile.ssl | 3 +- crypto/bn/asm/pa-risc2.s | 2 +- crypto/bn/asm/pa-risc2W.s | 2 +- crypto/buffer/Makefile.ssl | 3 +- crypto/cast/Makefile.ssl | 3 +- crypto/comp/Makefile.ssl | 3 +- crypto/conf/Makefile.ssl | 3 +- crypto/des/Makefile.ssl | 3 +- crypto/dh/Makefile.ssl | 3 +- crypto/dsa/Makefile.ssl | 3 +- crypto/dso/Makefile.ssl | 3 +- crypto/dso/dso.h | 53 ++++----- crypto/dso/dso_dl.c | 28 +---- crypto/dso/dso_dlfcn.c | 28 +---- crypto/dso/dso_err.c | 5 - crypto/dso/dso_lib.c | 16 +++ crypto/dso/dso_vms.c | 28 +---- crypto/dso/dso_win32.c | 28 +---- crypto/err/Makefile.ssl | 3 +- crypto/evp/Makefile.ssl | 3 +- crypto/evp/evp.h | 36 +++++- crypto/hmac/Makefile.ssl | 3 +- crypto/idea/Makefile.ssl | 3 +- crypto/lhash/Makefile.ssl | 3 +- crypto/md2/Makefile.ssl | 3 +- crypto/md4/Makefile.ssl | 3 +- crypto/md5/Makefile.ssl | 3 +- crypto/mdc2/Makefile.ssl | 3 +- crypto/objects/Makefile.ssl | 3 +- crypto/opensslv.h | 4 +- crypto/pem/Makefile.ssl | 3 +- crypto/pkcs12/Makefile.ssl | 3 +- crypto/pkcs7/Makefile.ssl | 3 +- crypto/rand/Makefile.ssl | 3 +- crypto/rc2/Makefile.ssl | 3 +- crypto/rc4/Makefile.ssl | 3 +- crypto/rc5/Makefile.ssl | 3 +- crypto/ripemd/Makefile.ssl | 3 +- crypto/rsa/Makefile.ssl | 3 +- crypto/sha/Makefile.ssl | 3 +- crypto/stack/Makefile.ssl | 3 +- crypto/txt_db/Makefile.ssl | 3 +- crypto/x509/Makefile.ssl | 3 +- crypto/x509/x509.h | 17 +++ crypto/x509v3/Makefile.ssl | 3 +- crypto/x509v3/v3_prn.c | 36 +++++- crypto/x509v3/x509v3.h | 14 ++- doc/crypto/des.pod | 2 +- doc/crypto/evp.pod | 2 +- doc/ssl/SSL_pending.pod | 13 +++ doc/ssl/ssl.pod | 10 +- e_os.h | 15 +-- ms/test.bat | 2 +- openssl.spec | 4 +- rsaref/Makefile.ssl | 3 +- ssl/Makefile.ssl | 3 +- ssl/ssl.h | 2 +- ssl/ssl_lib.c | 3 + util/libeay.num | 6 +- util/mkdef.pl | 26 ++++- 77 files changed, 549 insertions(+), 316 deletions(-) diff --git a/CHANGES b/CHANGES index 87853c3b29..929431cb02 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,31 @@ OpenSSL CHANGES _______________ + Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + + *) Fix for bug in DirectoryString mask setting. Add support for + X509_NAME_print_ex() in 'req' and X509_print_ex() function + to allow certificate printing to more controllable, additional + 'certopt' option to 'x509' to allow new printing options to be + set. + [Steve Henson] + + *) Clean old EAY MD5 hack from e_os.h. + [Richard Levitte] + + *) Fix SSL_CTX_set_read_ahead macro to actually use its argument. + + Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new + and not in SSL_clear because the latter is also used by the + accept/connect functions; previously, the settings made by + SSL_set_read_ahead would be lost during the handshake. + [Bodo Moeller; problems reported by Anders Gertz ] + + *) Correct util/mkdef.pl to be selective about disabled algorithms. + Previously, it would create entries for disableed algorithms no + matter what. + [Richard Levitte] + Changes between 0.9.5a and 0.9.6 [24 Sep 2000] *) In ssl23_get_client_hello, generate an error message when faced diff --git a/Configure b/Configure index f6aefa204a..0c15cd11b9 100755 --- a/Configure +++ b/Configure @@ -289,8 +289,8 @@ my %table=( # # # -"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::", -"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::", +"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o:dlfcn:linux-shared:-fPIC", +"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o:dlfcn:linux-shared:-fPIC", "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::", "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::", @@ -740,6 +740,10 @@ if ($shared_cflag ne "") $shared_mark2 = ".shlib."; } } +else + { + $no_shared = 1; + } #my ($bn1)=split(/\s+/,$bn_obj); #$bn1 = "" unless defined $bn1; diff --git a/Makefile.org b/Makefile.org index d1fd33e56c..7e83bad864 100644 --- a/Makefile.org +++ b/Makefile.org @@ -462,7 +462,8 @@ install: all install_docs if [ -f "$$i" ]; then \ ( echo installing $$i; \ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ - $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ + (echo $$i | grep '\\.a$$' > /dev/null 2>&1) \ + && $(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ fi \ done @@ -473,19 +474,19 @@ install_docs: $(INSTALL_PREFIX)$(MANDIR)/man3 \ $(INSTALL_PREFIX)$(MANDIR)/man5 \ $(INSTALL_PREFIX)$(MANDIR)/man7 - @echo installing man 1 and man 5 @for i in doc/apps/*.pod; do \ fn=`basename $$i .pod`; \ sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \ + echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ (cd `dirname $$i`; \ $(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \ --release=$(VERSION) `basename $$i`) \ > $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \ done - @echo installing man 3 and man 7 @for i in doc/crypto/*.pod doc/ssl/*.pod; do \ fn=`basename $$i .pod`; \ sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \ + echo "installing man$$sec/`basename $$i .pod`.$$sec"; \ (cd `dirname $$i`; \ $(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \ --release=$(VERSION) `basename $$i`) \ diff --git a/README b/README index 2435de10ca..f372c88e89 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ - OpenSSL 0.9.6 [engine] 24 Sep 2000 + OpenSSL 0.9.7-dev [engine] 24 Sep 2000 Copyright (c) 1998-2000 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson diff --git a/STATUS b/STATUS index 3212503723..2d9eae9fbb 100644 --- a/STATUS +++ b/STATUS @@ -1,9 +1,10 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2000/09/24 16:04:33 $ + ______________ $Date: 2000/10/10 08:39:58 $ DEVELOPMENT STATE + o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 diff --git a/apps/apps.c b/apps/apps.c index 167c319ebe..0190d71ee2 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -74,6 +74,14 @@ # include "bss_file.c" #endif +typedef struct { + char *name; + unsigned long flag; + unsigned long mask; +} NAME_EX_TBL; + +static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl); + int app_init(long mesgwin); #ifdef undef /* never finished - probably never will be :-) */ int args_from_file(char *file, int *argc, char **argv[]) @@ -696,16 +704,43 @@ end: return(othercerts); } -typedef struct { - char *name; - unsigned long flag; - unsigned long mask; -} NAME_EX_TBL; + +#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) +/* Return error for unknown extensions */ +#define X509V3_EXT_DEFAULT 0 +/* Print error for unknown extensions */ +#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) +/* ASN1 parse unknown extensions */ +#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) +/* BIO_dump unknown extensions */ +#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) + +int set_cert_ex(unsigned long *flags, const char *arg) +{ + static const NAME_EX_TBL cert_tbl[] = { + { "compatible", X509_FLAG_COMPAT, 0xffffffffl}, + { "no_header", X509_FLAG_NO_HEADER, 0}, + { "no_version", X509_FLAG_NO_VERSION, 0}, + { "no_serial", X509_FLAG_NO_SERIAL, 0}, + { "no_signame", X509_FLAG_NO_SIGNAME, 0}, + { "no_validity", X509_FLAG_NO_VALIDITY, 0}, + { "no_subject", X509_FLAG_NO_SUBJECT, 0}, + { "no_pubkey", X509_FLAG_NO_PUBKEY, 0}, + { "no_extensions", X509_FLAG_NO_EXTENSIONS, 0}, + { "no_sigdump", X509_FLAG_NO_SIGDUMP, 0}, + { "no_aux", X509_FLAG_NO_AUX, 0}, + { "ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK}, + { "ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK}, + { "ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK}, + { "ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK}, + { NULL, 0, 0} + }; + return set_table_opts(flags, arg, cert_tbl); +} int set_name_ex(unsigned long *flags, const char *arg) { - char c; - const NAME_EX_TBL *ptbl, ex_tbl[] = { + static const NAME_EX_TBL ex_tbl[] = { { "esc_2253", ASN1_STRFLGS_ESC_2253, 0}, { "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0}, { "esc_msb", ASN1_STRFLGS_ESC_MSB, 0}, @@ -733,7 +768,13 @@ int set_name_ex(unsigned long *flags, const char *arg) { "multiline", XN_FLAG_MULTILINE, 0xffffffffL}, { NULL, 0, 0} }; + return set_table_opts(flags, arg, ex_tbl); +} +static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl) +{ + char c; + const NAME_EX_TBL *ptbl; c = arg[0]; if(c == '-') { @@ -744,7 +785,7 @@ int set_name_ex(unsigned long *flags, const char *arg) arg++; } else c = 1; - for(ptbl = ex_tbl; ptbl->name; ptbl++) { + for(ptbl = in_tbl; ptbl->name; ptbl++) { if(!strcmp(arg, ptbl->name)) { *flags &= ~ptbl->mask; if(c) *flags |= ptbl->flag; diff --git a/apps/apps.h b/apps/apps.h index 74d479e91d..7684905201 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -147,6 +147,7 @@ int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); int dump_cert_text(BIO *out, X509 *x); void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags); #endif +int set_cert_ex(unsigned long *flags, const char *arg); int set_name_ex(unsigned long *flags, const char *arg); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); int add_oid_section(BIO *err, LHASH *conf); diff --git a/apps/req.c b/apps/req.c index 0751d92201..7f9abed2f1 100644 --- a/apps/req.c +++ b/apps/req.c @@ -145,6 +145,7 @@ int MAIN(int argc, char **argv) #ifndef NO_DSA DSA *dsa_params=NULL; #endif + unsigned long nmflag = 0; int ex=1,x509=0,days=30; X509 *x509ss=NULL; X509_REQ *req=NULL; @@ -152,7 +153,7 @@ int MAIN(int argc, char **argv) int i,badops=0,newreq=0,newkey= -1,pkey_type=0; BIO *in=NULL,*out=NULL; int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; - int nodes=0,kludge=0,newhdr=0; + int nodes=0,kludge=0,newhdr=0,subject=0; char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; char *engine=NULL; char *extensions = NULL; @@ -330,6 +331,13 @@ int MAIN(int argc, char **argv) nodes=1; else if (strcmp(*argv,"-noout") == 0) noout=1; + else if (strcmp(*argv,"-nameopt") == 0) + { + if (--argc < 1) goto bad; + if (!set_name_ex(&nmflag, *(++argv))) goto bad; + } + else if (strcmp(*argv,"-subject") == 0) + subject=1; else if (strcmp(*argv,"-text") == 0) text=1; else if (strcmp(*argv,"-x509") == 0) @@ -843,7 +851,7 @@ loop: BIO_printf(bio_err,"verify OK\n"); } - if (noout && !text && !modulus) + if (noout && !text && !modulus && !subject) { ex=0; goto end; @@ -880,6 +888,14 @@ loop: X509_REQ_print(out,req); } + if(subject) + { + if(x509) + print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag); + else + print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag); + } + if (modulus) { EVP_PKEY *pubkey; diff --git a/apps/x509.c b/apps/x509.c index 0c0d42a0ac..8712339717 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -131,6 +131,7 @@ static char *x509_usage[]={ " -clrext - delete extensions before signing and input certificate\n", " -nameopt arg - various certificate name options\n", " -engine e - use engine e, possibly a hardware device.\n", +" -certopt arg - various certificate text options\n", NULL }; @@ -177,7 +178,7 @@ int MAIN(int argc, char **argv) char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL; int need_rand = 0; int checkend=0,checkoffset=0; - unsigned long nmflag = 0; + unsigned long nmflag = 0, certflag = 0; char *engine=NULL; reqfile=0; @@ -330,6 +331,11 @@ int MAIN(int argc, char **argv) alias= *(++argv); trustout = 1; } + else if (strcmp(*argv,"-certopt") == 0) + { + if (--argc < 1) goto bad; + if (!set_cert_ex(&certflag, *(++argv))) goto bad; + } else if (strcmp(*argv,"-nameopt") == 0) { if (--argc < 1) goto bad; @@ -801,7 +807,7 @@ bad: } else if (text == i) { - X509_print(out,x); + X509_print_ex(out,x,nmflag, certflag); } else if (startdate == i) { diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index 37c5d9f916..17589b5387 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -90,7 +90,8 @@ links: lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib libs: diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index eae97f321d..269af44593 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -75,7 +75,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index 569b811998..5335538ae0 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -491,12 +491,24 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) { + if(flags == XN_FLAG_COMPAT) + return X509_NAME_print(out, nm, indent); return do_name_ex(send_bio_chars, out, nm, indent, flags); } int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) { + if(flags == XN_FLAG_COMPAT) + { + BIO *btmp; + int ret; + btmp = BIO_new_fp(fp, BIO_NOCLOSE); + if(!btmp) return -1; + ret = X509_NAME_print(btmp, nm, indent); + BIO_free(btmp); + return ret; + } return do_name_ex(send_fp_chars, fp, nm, indent, flags); } diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index 6b10cff994..732e68fe46 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -133,7 +133,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, if(tbl) { mask = tbl->mask; if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; - ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask, + ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask, tbl->minsize, tbl->maxsize); } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask); if(ret <= 0) return NULL; diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 314bdfb1c7..f2979bf5a7 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -72,6 +72,11 @@ #ifndef NO_FP_API int X509_print_fp(FILE *fp, X509 *x) + { + return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT); + } + +int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag) { BIO *b; int ret; @@ -82,17 +87,23 @@ int X509_print_fp(FILE *fp, X509 *x) return(0); } BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=X509_print(b, x); + ret=X509_print_ex(b, x, nmflag, cflag); BIO_free(b); return(ret); } #endif int X509_print(BIO *bp, X509 *x) +{ + return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT); +} + +int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) { long l; int ret=0,i,j,n; - char *m=NULL,*s; + char *m=NULL,*s, mlch = ' '; + int nmindent = 0; X509_CINF *ci; ASN1_INTEGER *bs; EVP_PKEY *pkey=NULL; @@ -100,89 +111,127 @@ int X509_print(BIO *bp, X509 *x) X509_EXTENSION *ex; ASN1_STRING *str=NULL; + if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { + mlch = '\n'; + nmindent = 16; + } + + if(nmflags == X509_FLAG_COMPAT) + nmindent = 16; + ci=x->cert_info; - if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; - if (BIO_write(bp," Data:\n",10) <= 0) goto err; - l=X509_get_version(x); - if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; - if (BIO_write(bp," Serial Number:",22) <= 0) goto err; - - bs=X509_get_serialNumber(x); - if (bs->length <= 4) + if(!(cflag & X509_FLAG_NO_HEADER)) { - l=ASN1_INTEGER_get(bs); - if (l < 0) - { - l= -l; - neg="-"; - } - else - neg=""; - if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0) - goto err; + if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; + if (BIO_write(bp," Data:\n",10) <= 0) goto err; } - else + if(!(cflag & X509_FLAG_NO_VERSION)) { - neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":""; - if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err; + l=X509_get_version(x); + if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; + } + if(!(cflag & X509_FLAG_NO_SERIAL)) + { + + if (BIO_write(bp," Serial Number:",22) <= 0) goto err; - for (i=0; ilength; i++) + bs=X509_get_serialNumber(x); + if (bs->length <= 4) { - if (BIO_printf(bp,"%02x%c",bs->data[i], - ((i+1 == bs->length)?'\n':':')) <= 0) + l=ASN1_INTEGER_get(bs); + if (l < 0) + { + l= -l; + neg="-"; + } + else + neg=""; + if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0) goto err; } + else + { + neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":""; + if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err; + + for (i=0; ilength; i++) + { + if (BIO_printf(bp,"%02x%c",bs->data[i], + ((i+1 == bs->length)?'\n':':')) <= 0) + goto err; + } + } + } - i=OBJ_obj2nid(ci->signature->algorithm); - if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) - goto err; - - if (BIO_write(bp," Issuer: ",16) <= 0) goto err; - if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err; - if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err; - if (BIO_write(bp," Not Before: ",24) <= 0) goto err; - if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; - if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err; - if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err; - if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err; - if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err; - if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0) - goto err; - i=OBJ_obj2nid(ci->key->algor->algorithm); - if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; - - pkey=X509_get_pubkey(x); - if (pkey == NULL) + if(!(cflag & X509_FLAG_NO_SIGNAME)) { - BIO_printf(bp,"%12sUnable to load Public Key\n",""); - ERR_print_errors(bp); + i=OBJ_obj2nid(ci->signature->algorithm); + if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) + goto err; } - else -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) + + if(!(cflag & X509_FLAG_NO_ISSUER)) { - BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(bp,pkey->pkey.rsa,16); + if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err; + if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err; } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) + if(!(cflag & X509_FLAG_NO_VALIDITY)) { - BIO_printf(bp,"%12sDSA Public Key:\n",""); - DSA_print(bp,pkey->pkey.dsa,16); + if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err; + if (BIO_write(bp," Not Before: ",24) <= 0) goto err; + if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; + if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err; + if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err; + if (BIO_write(bp,"\n",1) <= 0) goto err; } - else + if(!(cflag & X509_FLAG_NO_SUBJECT)) + { + if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err; + if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err; + } + if(!(cflag & X509_FLAG_NO_PUBKEY)) + { + if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0) + goto err; + i=OBJ_obj2nid(ci->key->algor->algorithm); + if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; + + pkey=X509_get_pubkey(x); + if (pkey == NULL) + { + BIO_printf(bp,"%12sUnable to load Public Key\n",""); + ERR_print_errors(bp); + } + else +#ifndef NO_RSA + if (pkey->type == EVP_PKEY_RSA) + { + BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", + BN_num_bits(pkey->pkey.rsa->n)); + RSA_print(bp,pkey->pkey.rsa,16); + } + else +#endif +#ifndef NO_DSA + if (pkey->type == EVP_PKEY_DSA) + { + BIO_printf(bp,"%12sDSA Public Key:\n",""); + DSA_print(bp,pkey->pkey.dsa,16); + } + else #endif - BIO_printf(bp,"%12sUnknown Public Key:\n",""); + BIO_printf(bp,"%12sUnknown Public Key:\n",""); - EVP_PKEY_free(pkey); + EVP_PKEY_free(pkey); + } - n=X509_get_ext_count(x); + if (cflag & X509_FLAG_NO_EXTENSIONS) + n = 0; + else + n=X509_get_ext_count(x); if (n > 0) { BIO_printf(bp,"%8sX509v3 extensions:\n",""); @@ -196,7 +245,7 @@ int X509_print(BIO *bp, X509 *x) j=X509_EXTENSION_get_critical(ex); if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) goto err; - if(!X509V3_EXT_print(bp, ex, 0, 16)) + if(!X509V3_EXT_print(bp, ex, cflag, 16)) { BIO_printf(bp, "%16s", ""); M_ASN1_OCTET_STRING_print(bp,ex->value); @@ -205,21 +254,27 @@ int X509_print(BIO *bp, X509 *x) } } - i=OBJ_obj2nid(x->sig_alg->algorithm); - if (BIO_printf(bp,"%4sSignature Algorithm: %s","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; + if(!(cflag & X509_FLAG_NO_SIGDUMP)) + { + i=OBJ_obj2nid(x->sig_alg->algorithm); + if (BIO_printf(bp,"%4sSignature Algorithm: %s","", + (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; - n=x->signature->length; - s=(char *)x->signature->data; - for (i=0; isignature->length; + s=(char *)x->signature->data; + for (i=0; iaux, 0)) goto err; } - if (BIO_write(bp,"\n",1) != 1) goto err; - if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err; ret=1; err: if (str != NULL) ASN1_STRING_free(str); diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl index adc9eec3c6..2d61ec50f4 100644 --- a/crypto/bf/Makefile.ssl +++ b/crypto/bf/Makefile.ssl @@ -44,7 +44,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl index af5998b102..00caa9f7eb 100644 --- a/crypto/bio/Makefile.ssl +++ b/crypto/bio/Makefile.ssl @@ -49,7 +49,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c index 64310058b4..e971a07de0 100644 --- a/crypto/bio/b_sock.c +++ b/crypto/bio/b_sock.c @@ -113,8 +113,8 @@ int BIO_get_host_ip(const char *str, unsigned char *ip) /* At this point, we have something that is most probably correct in some way, so let's init the socket. */ - if (!BIO_sock_init()) - return(0); /* don't generate another error code here */ + if (BIO_sock_init() != 1) + return 0; /* don't generate another error code here */ /* If the string actually contained an IP address, we need not do anything more */ @@ -527,7 +527,7 @@ int BIO_get_accept_socket(char *host, int bind_mode) unsigned long l; int err_num; - if (!BIO_sock_init()) return(INVALID_SOCKET); + if (BIO_sock_init() != 1) return(INVALID_SOCKET); if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET); diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index 85be16a5b6..ad36267e26 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -68,7 +68,8 @@ bnbug: bnbug.c ../../libcrypto.a top lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/bn/asm/pa-risc2.s b/crypto/bn/asm/pa-risc2.s index 7239aa2c76..af9730d062 100644 --- a/crypto/bn/asm/pa-risc2.s +++ b/crypto/bn/asm/pa-risc2.s @@ -1611,7 +1611,7 @@ bn_mul_comba4 .IMPORT $global$,DATA .SPACE $TEXT$ .SUBSPA $CODE$ - .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16 + .SUBSPA $LIT$,ACCESS=0x2c C$7 .ALIGN 8 .STRINGZ "Division would overflow (%d)\n" diff --git a/crypto/bn/asm/pa-risc2W.s b/crypto/bn/asm/pa-risc2W.s index 54b6606252..a99545754d 100644 --- a/crypto/bn/asm/pa-risc2W.s +++ b/crypto/bn/asm/pa-risc2W.s @@ -1598,7 +1598,7 @@ bn_mul_comba4 .IMPORT $global$,DATA .SPACE $TEXT$ .SUBSPA $CODE$ - .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16 + .SUBSPA $LIT$,ACCESS=0x2c C$4 .ALIGN 8 .STRINGZ "Division would overflow (%d)\n" diff --git a/crypto/buffer/Makefile.ssl b/crypto/buffer/Makefile.ssl index 4e11038c8b..c088ec6b3c 100644 --- a/crypto/buffer/Makefile.ssl +++ b/crypto/buffer/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/cast/Makefile.ssl b/crypto/cast/Makefile.ssl index afba084e8b..0aa1cbc55a 100644 --- a/crypto/cast/Makefile.ssl +++ b/crypto/cast/Makefile.ssl @@ -47,7 +47,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/comp/Makefile.ssl b/crypto/comp/Makefile.ssl index 3064df2447..ba705c2a1c 100644 --- a/crypto/comp/Makefile.ssl +++ b/crypto/comp/Makefile.ssl @@ -42,7 +42,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl index ea82d46727..a96212252a 100644 --- a/crypto/conf/Makefile.ssl +++ b/crypto/conf/Makefile.ssl @@ -40,7 +40,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl index b3cfe3dab6..28e58f4207 100644 --- a/crypto/des/Makefile.ssl +++ b/crypto/des/Makefile.ssl @@ -57,7 +57,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib des: des.o cbc3_enc.o lib diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl index 4616ca2b20..ec0e1ec5a3 100644 --- a/crypto/dh/Makefile.ssl +++ b/crypto/dh/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl index 24758c64cd..70899e8278 100644 --- a/crypto/dsa/Makefile.ssl +++ b/crypto/dsa/Makefile.ssl @@ -41,7 +41,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/dso/Makefile.ssl b/crypto/dso/Makefile.ssl index effc46d2dc..33630e0bbb 100644 --- a/crypto/dso/Makefile.ssl +++ b/crypto/dso/Makefile.ssl @@ -41,7 +41,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/dso/dso.h b/crypto/dso/dso.h index bed7c464a6..2770e3b763 100644 --- a/crypto/dso/dso.h +++ b/crypto/dso/dso.h @@ -206,40 +206,35 @@ void ERR_load_DSO_strings(void); /* Function codes. */ #define DSO_F_DLFCN_BIND_FUNC 100 #define DSO_F_DLFCN_BIND_VAR 101 -#define DSO_F_DLFCN_CTRL 102 -#define DSO_F_DLFCN_LOAD 103 -#define DSO_F_DLFCN_UNLOAD 104 -#define DSO_F_DL_BIND_FUNC 105 -#define DSO_F_DL_BIND_VAR 106 -#define DSO_F_DL_CTRL 107 -#define DSO_F_DL_LOAD 108 -#define DSO_F_DL_UNLOAD 109 -#define DSO_F_DSO_BIND_FUNC 110 -#define DSO_F_DSO_BIND_VAR 111 -#define DSO_F_DSO_CTRL 112 -#define DSO_F_DSO_FREE 113 -#define DSO_F_DSO_LOAD 114 -#define DSO_F_DSO_NEW_METHOD 115 -#define DSO_F_DSO_UP 116 -#define DSO_F_VMS_BIND_VAR 122 -#define DSO_F_VMS_CTRL 123 -#define DSO_F_VMS_LOAD 124 -#define DSO_F_VMS_UNLOAD 125 -#define DSO_F_WIN32_BIND_FUNC 117 -#define DSO_F_WIN32_BIND_VAR 118 -#define DSO_F_WIN32_CTRL 119 +#define DSO_F_DLFCN_LOAD 102 +#define DSO_F_DLFCN_UNLOAD 103 +#define DSO_F_DL_BIND_FUNC 104 +#define DSO_F_DL_BIND_VAR 105 +#define DSO_F_DL_LOAD 106 +#define DSO_F_DL_UNLOAD 107 +#define DSO_F_DSO_BIND_FUNC 108 +#define DSO_F_DSO_BIND_VAR 109 +#define DSO_F_DSO_CTRL 110 +#define DSO_F_DSO_FREE 111 +#define DSO_F_DSO_LOAD 112 +#define DSO_F_DSO_NEW_METHOD 113 +#define DSO_F_DSO_UP 114 +#define DSO_F_VMS_BIND_VAR 115 +#define DSO_F_VMS_LOAD 116 +#define DSO_F_VMS_UNLOAD 117 +#define DSO_F_WIN32_BIND_FUNC 118 +#define DSO_F_WIN32_BIND_VAR 119 #define DSO_F_WIN32_LOAD 120 #define DSO_F_WIN32_UNLOAD 121 /* Reason codes. */ #define DSO_R_CTRL_FAILED 100 -#define DSO_R_FILENAME_TOO_BIG 109 -#define DSO_R_FINISH_FAILED 101 -#define DSO_R_LOAD_FAILED 102 -#define DSO_R_NULL_HANDLE 103 -#define DSO_R_STACK_ERROR 104 -#define DSO_R_SYM_FAILURE 105 -#define DSO_R_UNKNOWN_COMMAND 106 +#define DSO_R_FILENAME_TOO_BIG 101 +#define DSO_R_FINISH_FAILED 102 +#define DSO_R_LOAD_FAILED 103 +#define DSO_R_NULL_HANDLE 104 +#define DSO_R_STACK_ERROR 105 +#define DSO_R_SYM_FAILURE 106 #define DSO_R_UNLOAD_FAILED 107 #define DSO_R_UNSUPPORTED 108 diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c index 69810fc3bb..7a6770ef6d 100644 --- a/crypto/dso/dso_dl.c +++ b/crypto/dso/dso_dl.c @@ -81,8 +81,8 @@ static int dl_unbind_var(DSO *dso, char *symname, void *symptr); static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); static int dl_init(DSO *dso); static int dl_finish(DSO *dso); -#endif static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif static DSO_METHOD dso_meth_dl = { "OpenSSL 'dl' shared library method", @@ -95,7 +95,7 @@ static DSO_METHOD dso_meth_dl = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - dl_ctrl, + NULL, /* ctrl */ NULL, /* init */ NULL /* finish */ }; @@ -224,28 +224,4 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname) return((DSO_FUNC_TYPE)sym); } -static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_DL_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_DL_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } - #endif /* DSO_DL */ diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c index e709c721cc..07bbf37456 100644 --- a/crypto/dso/dso_dlfcn.c +++ b/crypto/dso/dso_dlfcn.c @@ -82,8 +82,8 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname); static int dlfcn_unbind(DSO *dso, char *symname, void *symptr); static int dlfcn_init(DSO *dso); static int dlfcn_finish(DSO *dso); -#endif static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif static DSO_METHOD dso_meth_dlfcn = { "OpenSSL 'dlfcn' shared library method", @@ -96,7 +96,7 @@ static DSO_METHOD dso_meth_dlfcn = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - dlfcn_ctrl, + NULL, /* ctrl */ NULL, /* init */ NULL /* finish */ }; @@ -249,28 +249,4 @@ static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) return(sym); } -static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_DLFCN_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_DLFCN_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } - #endif /* DSO_DLFCN */ diff --git a/crypto/dso/dso_err.c b/crypto/dso/dso_err.c index a3d7321c9b..a9b758d1c9 100644 --- a/crypto/dso/dso_err.c +++ b/crypto/dso/dso_err.c @@ -68,12 +68,10 @@ static ERR_STRING_DATA DSO_str_functs[]= { {ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0), "DLFCN_BIND_FUNC"}, {ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0), "DLFCN_BIND_VAR"}, -{ERR_PACK(0,DSO_F_DLFCN_CTRL,0), "DLFCN_CTRL"}, {ERR_PACK(0,DSO_F_DLFCN_LOAD,0), "DLFCN_LOAD"}, {ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0), "DLFCN_UNLOAD"}, {ERR_PACK(0,DSO_F_DL_BIND_FUNC,0), "DL_BIND_FUNC"}, {ERR_PACK(0,DSO_F_DL_BIND_VAR,0), "DL_BIND_VAR"}, -{ERR_PACK(0,DSO_F_DL_CTRL,0), "DL_CTRL"}, {ERR_PACK(0,DSO_F_DL_LOAD,0), "DL_LOAD"}, {ERR_PACK(0,DSO_F_DL_UNLOAD,0), "DL_UNLOAD"}, {ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0), "DSO_bind_func"}, @@ -84,12 +82,10 @@ static ERR_STRING_DATA DSO_str_functs[]= {ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0), "DSO_new_method"}, {ERR_PACK(0,DSO_F_DSO_UP,0), "DSO_up"}, {ERR_PACK(0,DSO_F_VMS_BIND_VAR,0), "VMS_BIND_VAR"}, -{ERR_PACK(0,DSO_F_VMS_CTRL,0), "VMS_CTRL"}, {ERR_PACK(0,DSO_F_VMS_LOAD,0), "VMS_LOAD"}, {ERR_PACK(0,DSO_F_VMS_UNLOAD,0), "VMS_UNLOAD"}, {ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0), "WIN32_BIND_FUNC"}, {ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0), "WIN32_BIND_VAR"}, -{ERR_PACK(0,DSO_F_WIN32_CTRL,0), "WIN32_CTRL"}, {ERR_PACK(0,DSO_F_WIN32_LOAD,0), "WIN32_LOAD"}, {ERR_PACK(0,DSO_F_WIN32_UNLOAD,0), "WIN32_UNLOAD"}, {0,NULL} @@ -104,7 +100,6 @@ static ERR_STRING_DATA DSO_str_reasons[]= {DSO_R_NULL_HANDLE ,"a null shared library handle was used"}, {DSO_R_STACK_ERROR ,"the meth_data stack is corrupt"}, {DSO_R_SYM_FAILURE ,"could not bind to the requested symbol name"}, -{DSO_R_UNKNOWN_COMMAND ,"unknown control command"}, {DSO_R_UNLOAD_FAILED ,"could not unload the shared library"}, {DSO_R_UNSUPPORTED ,"functionality not supported"}, {0,NULL} diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index acd166697e..fc3d76034a 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -297,6 +297,22 @@ long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg) DSOerr(DSO_F_DSO_CTRL,ERR_R_PASSED_NULL_PARAMETER); return(-1); } + /* We should intercept certain generic commands and only pass control + * to the method-specific ctrl() function if it's something we don't + * handle. */ + switch(cmd) + { + case DSO_CTRL_GET_FLAGS: + return dso->flags; + case DSO_CTRL_SET_FLAGS: + dso->flags = (int)larg; + return(0); + case DSO_CTRL_OR_FLAGS: + dso->flags |= (int)larg; + return(0); + default: + break; + } if((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) { DSOerr(DSO_F_DSO_CTRL,DSO_R_UNSUPPORTED); diff --git a/crypto/dso/dso_vms.c b/crypto/dso/dso_vms.c index 8ff7090129..948f7a12bd 100644 --- a/crypto/dso/dso_vms.c +++ b/crypto/dso/dso_vms.c @@ -87,8 +87,8 @@ static int vms_unbind_var(DSO *dso, char *symname, void *symptr); static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); static int vms_init(DSO *dso); static int vms_finish(DSO *dso); -#endif static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif static DSO_METHOD dso_meth_vms = { "OpenSSL 'VMS' shared library method", @@ -101,7 +101,7 @@ static DSO_METHOD dso_meth_vms = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - vms_ctrl, + NULL, /* ctrl */ NULL, /* init */ NULL /* finish */ }; @@ -344,28 +344,4 @@ static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname) return sym; } -static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_VMS_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_VMS_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } - #endif /* VMS */ diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c index 7f1d904806..412693dda6 100644 --- a/crypto/dso/dso_win32.c +++ b/crypto/dso/dso_win32.c @@ -80,8 +80,8 @@ static int win32_unbind_var(DSO *dso, char *symname, void *symptr); static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); static int win32_init(DSO *dso); static int win32_finish(DSO *dso); -#endif static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg); +#endif static DSO_METHOD dso_meth_win32 = { "OpenSSL 'win32' shared library method", @@ -94,7 +94,7 @@ static DSO_METHOD dso_meth_win32 = { NULL, /* unbind_var */ NULL, /* unbind_func */ #endif - win32_ctrl, + NULL, /* ctrl */ NULL, /* init */ NULL /* finish */ }; @@ -246,28 +246,4 @@ static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname) return((DSO_FUNC_TYPE)sym); } -static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_WIN32_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_WIN32_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } - #endif /* WIN32 */ diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl index c4cfaef3f0..0e6d307e3b 100644 --- a/crypto/err/Makefile.ssl +++ b/crypto/err/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl index 747051e4f1..fb9945db16 100644 --- a/crypto/evp/Makefile.ssl +++ b/crypto/evp/Makefile.ssl @@ -58,7 +58,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index f5b938d2f8..cdf5f3cf89 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -463,12 +463,20 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, int en_de); +#ifndef NO_RSA #define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ (char *)(rsa)) +#endif + +#ifndef NO_DSA #define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ (char *)(dsa)) +#endif + +#ifndef NO_DH #define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ (char *)(dh)) +#endif /* Add some extra combinations */ #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) @@ -612,17 +620,29 @@ void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k, #endif EVP_MD *EVP_md_null(void); +#ifndef NO_MD2 EVP_MD *EVP_md2(void); +#endif +#ifndef NO_MD4 EVP_MD *EVP_md4(void); +#endif +#ifndef NO_MD5 EVP_MD *EVP_md5(void); +#endif +#ifndef NO_SHA EVP_MD *EVP_sha(void); EVP_MD *EVP_sha1(void); EVP_MD *EVP_dss(void); EVP_MD *EVP_dss1(void); +#endif +#ifndef NO_MDC2 EVP_MD *EVP_mdc2(void); +#endif +#ifndef NO_RIPEMD EVP_MD *EVP_ripemd160(void); - +#endif EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ +#ifndef NO_DES EVP_CIPHER *EVP_des_ecb(void); EVP_CIPHER *EVP_des_ede(void); EVP_CIPHER *EVP_des_ede3(void); @@ -636,31 +656,43 @@ EVP_CIPHER *EVP_des_cbc(void); EVP_CIPHER *EVP_des_ede_cbc(void); EVP_CIPHER *EVP_des_ede3_cbc(void); EVP_CIPHER *EVP_desx_cbc(void); +#endif +#ifndef NO_RC4 EVP_CIPHER *EVP_rc4(void); EVP_CIPHER *EVP_rc4_40(void); +#endif +#ifndef NO_IDEA EVP_CIPHER *EVP_idea_ecb(void); EVP_CIPHER *EVP_idea_cfb(void); EVP_CIPHER *EVP_idea_ofb(void); EVP_CIPHER *EVP_idea_cbc(void); +#endif +#ifndef NO_RC2 EVP_CIPHER *EVP_rc2_ecb(void); EVP_CIPHER *EVP_rc2_cbc(void); EVP_CIPHER *EVP_rc2_40_cbc(void); EVP_CIPHER *EVP_rc2_64_cbc(void); EVP_CIPHER *EVP_rc2_cfb(void); EVP_CIPHER *EVP_rc2_ofb(void); +#endif +#ifndef NO_BF EVP_CIPHER *EVP_bf_ecb(void); EVP_CIPHER *EVP_bf_cbc(void); EVP_CIPHER *EVP_bf_cfb(void); EVP_CIPHER *EVP_bf_ofb(void); +#endif +#ifndef NO_CAST EVP_CIPHER *EVP_cast5_ecb(void); EVP_CIPHER *EVP_cast5_cbc(void); EVP_CIPHER *EVP_cast5_cfb(void); EVP_CIPHER *EVP_cast5_ofb(void); +#endif +#ifndef NO_RC5 EVP_CIPHER *EVP_rc5_32_12_16_cbc(void); EVP_CIPHER *EVP_rc5_32_12_16_ecb(void); EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); - +#endif void OpenSSL_add_all_algorithms(void); void OpenSSL_add_all_ciphers(void); void OpenSSL_add_all_digests(void); diff --git a/crypto/hmac/Makefile.ssl b/crypto/hmac/Makefile.ssl index 430eab4c9a..ed3c8c64d1 100644 --- a/crypto/hmac/Makefile.ssl +++ b/crypto/hmac/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/idea/Makefile.ssl b/crypto/idea/Makefile.ssl index 3bd3e53ef4..d29bcd6874 100644 --- a/crypto/idea/Makefile.ssl +++ b/crypto/idea/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/lhash/Makefile.ssl b/crypto/lhash/Makefile.ssl index d7a51db3ee..60bb6b12e4 100644 --- a/crypto/lhash/Makefile.ssl +++ b/crypto/lhash/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/md2/Makefile.ssl b/crypto/md2/Makefile.ssl index c25ab74a38..8b382c35ff 100644 --- a/crypto/md2/Makefile.ssl +++ b/crypto/md2/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/md4/Makefile.ssl b/crypto/md4/Makefile.ssl index 5341bf5b46..bc38badb0a 100644 --- a/crypto/md4/Makefile.ssl +++ b/crypto/md4/Makefile.ssl @@ -40,7 +40,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/md5/Makefile.ssl b/crypto/md5/Makefile.ssl index 92ffc0b502..e5ec4a21ae 100644 --- a/crypto/md5/Makefile.ssl +++ b/crypto/md5/Makefile.ssl @@ -50,7 +50,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/mdc2/Makefile.ssl b/crypto/mdc2/Makefile.ssl index a50de0f42a..4b1b3e3696 100644 --- a/crypto/mdc2/Makefile.ssl +++ b/crypto/mdc2/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl index 47fdc34eec..1b43d8027b 100644 --- a/crypto/objects/Makefile.ssl +++ b/crypto/objects/Makefile.ssl @@ -39,7 +39,8 @@ all: obj_dat.h lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 6b5aedeea6..c23a7b191f 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,8 +25,8 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x0090600fL -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6 [engine] 24 Sep 2000" +#define OPENSSL_VERSION_NUMBER 0x00907000L +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7-dev [engine] 24 Sep 2000" #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl index ed89109218..111dbc1ae4 100644 --- a/crypto/pem/Makefile.ssl +++ b/crypto/pem/Makefile.ssl @@ -40,7 +40,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl index 8f42d3044d..c92dd27639 100644 --- a/crypto/pkcs12/Makefile.ssl +++ b/crypto/pkcs12/Makefile.ssl @@ -45,7 +45,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl index 1757fc39ac..5e8a6808d3 100644 --- a/crypto/pkcs7/Makefile.ssl +++ b/crypto/pkcs7/Makefile.ssl @@ -58,7 +58,8 @@ verify: verify.o example.o lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl index cffd57154e..ee2d7874ff 100644 --- a/crypto/rand/Makefile.ssl +++ b/crypto/rand/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/rc2/Makefile.ssl b/crypto/rc2/Makefile.ssl index 542397d69a..6966e01b6f 100644 --- a/crypto/rc2/Makefile.ssl +++ b/crypto/rc2/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl index 53eac2064a..8ffff0a74e 100644 --- a/crypto/rc4/Makefile.ssl +++ b/crypto/rc4/Makefile.ssl @@ -47,7 +47,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl index 3d16856029..cf5d176859 100644 --- a/crypto/rc5/Makefile.ssl +++ b/crypto/rc5/Makefile.ssl @@ -44,7 +44,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl index 4bd78dd6fd..0b1cd73941 100644 --- a/crypto/ripemd/Makefile.ssl +++ b/crypto/ripemd/Makefile.ssl @@ -42,7 +42,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl index 71454a724f..faae0b21d9 100644 --- a/crypto/rsa/Makefile.ssl +++ b/crypto/rsa/Makefile.ssl @@ -41,7 +41,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl index 0e6e7b8940..75d3e0bf4f 100644 --- a/crypto/sha/Makefile.ssl +++ b/crypto/sha/Makefile.ssl @@ -42,7 +42,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib # elf diff --git a/crypto/stack/Makefile.ssl b/crypto/stack/Makefile.ssl index 69d0a1cf68..2027d3946c 100644 --- a/crypto/stack/Makefile.ssl +++ b/crypto/stack/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/txt_db/Makefile.ssl b/crypto/txt_db/Makefile.ssl index 0e900ce748..567202abb7 100644 --- a/crypto/txt_db/Makefile.ssl +++ b/crypto/txt_db/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl index f8e59666c9..55356c680b 100644 --- a/crypto/x509/Makefile.ssl +++ b/crypto/x509/Makefile.ssl @@ -49,7 +49,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 813c8adffd..6b053359b7 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -320,6 +320,21 @@ DECLARE_STACK_OF(X509_TRUST) #define X509_TRUST_REJECTED 2 #define X509_TRUST_UNTRUSTED 3 +/* Flags for X509_print_ex() */ + +#define X509_FLAG_COMPAT 0 +#define X509_FLAG_NO_HEADER 1L +#define X509_FLAG_NO_VERSION (1L << 1) +#define X509_FLAG_NO_SERIAL (1L << 2) +#define X509_FLAG_NO_SIGNAME (1L << 3) +#define X509_FLAG_NO_ISSUER (1L << 4) +#define X509_FLAG_NO_VALIDITY (1L << 5) +#define X509_FLAG_NO_SUBJECT (1L << 6) +#define X509_FLAG_NO_PUBKEY (1L << 7) +#define X509_FLAG_NO_EXTENSIONS (1L << 8) +#define X509_FLAG_NO_SIGDUMP (1L << 9) +#define X509_FLAG_NO_AUX (1L << 10) + /* Flags specific to X509_NAME_print_ex() */ /* The field separator information */ @@ -1034,6 +1049,7 @@ unsigned long X509_NAME_hash(X509_NAME *x); int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); #ifndef NO_FP_API +int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print_fp(FILE *bp,X509 *x); int X509_CRL_print_fp(FILE *bp,X509_CRL *x); int X509_REQ_print_fp(FILE *bp,X509_REQ *req); @@ -1043,6 +1059,7 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long fla #ifndef NO_BIO int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); +int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print(BIO *bp,X509 *x); int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); int X509_CRL_print(BIO *bp,X509_CRL *x); diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl index 483df46fd4..8ed3665049 100644 --- a/crypto/x509v3/Makefile.ssl +++ b/crypto/x509v3/Makefile.ssl @@ -43,7 +43,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index dbc4fb1f16..5416f662d3 100644 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -64,6 +64,8 @@ /* Extension printing routines */ +static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported); + /* Print out a name+value stack */ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml) @@ -96,16 +98,18 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml) /* Main routine: print out a general extension */ -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent) +int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent) { char *ext_str = NULL, *value = NULL; unsigned char *p; X509V3_EXT_METHOD *method; STACK_OF(CONF_VALUE) *nval = NULL; int ok = 1; - if(!(method = X509V3_EXT_get(ext))) return 0; + if(!(method = X509V3_EXT_get(ext))) + return unknown_ext_print(out, ext, flag, indent, 0); p = ext->value->data; - if(!(ext_str = method->d2i(NULL, &p, ext->value->length))) return 0; + if(!(ext_str = method->d2i(NULL, &p, ext->value->length))) + return unknown_ext_print(out, ext, flag, indent, 1); if(method->i2s) { if(!(value = method->i2s(method, ext_str))) { ok = 0; @@ -138,6 +142,32 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent) return ok; } +static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent, int supported) +{ + switch(flag & X509V3_EXT_UNKNOWN_MASK) { + + case X509V3_EXT_DEFAULT: + return 0; + + case X509V3_EXT_ERROR_UNKNOWN: + if(supported) + BIO_printf(out, "%*s", indent, ""); + else + BIO_printf(out, "%*s", indent, ""); + return 1; + + case X509V3_EXT_PARSE_UNKNOWN: + return ASN1_parse_dump(out, + ext->value->data, ext->value->length, indent, -1); + case X509V3_EXT_DUMP_UNKNOWN: + return BIO_dump_indent(out, (char *)ext->value->data, ext->value->length, indent); + + default: + return 1; + } +} + + #ifndef NO_FP_API int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent) { diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index 0453b12d63..4c3edc3daf 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -352,6 +352,18 @@ typedef struct x509_purpose_st { #define X509_PURPOSE_MIN 1 #define X509_PURPOSE_MAX 7 +/* Flags for X509V3_EXT_print() */ + +#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) +/* Return error for unknown extensions */ +#define X509V3_EXT_DEFAULT 0 +/* Print error for unknown extensions */ +#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) +/* ASN1 parse unknown extensions */ +#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) +/* BIO_dump unknown extensions */ +#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) + DECLARE_STACK_OF(X509_PURPOSE) void ERR_load_X509V3_strings(void); @@ -528,7 +540,7 @@ int name_cmp(const char *name, const char *cmp); void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml); -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); +int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent); int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); int X509_check_purpose(X509 *x, int id, int ca); diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod index ab3e26e9ec..99080391b1 100644 --- a/doc/crypto/des.pod +++ b/doc/crypto/des.pod @@ -345,7 +345,7 @@ the MIT Kerberos library. =head1 SEE ALSO -crypt(3), L, L, L +crypt(3), L, L, L =head1 HISTORY diff --git a/doc/crypto/evp.pod b/doc/crypto/evp.pod index f089dd49a2..edf47dbde6 100644 --- a/doc/crypto/evp.pod +++ b/doc/crypto/evp.pod @@ -10,7 +10,7 @@ evp - high-level cryptographic functions =head1 DESCRIPTION -The EVP library provided a high-level interface to cryptographic +The EVP library provides a high-level interface to cryptographic functions. BI<...> and BI<...> provide public key encryption diff --git a/doc/ssl/SSL_pending.pod b/doc/ssl/SSL_pending.pod index 744e1855e1..6c03b14caf 100644 --- a/doc/ssl/SSL_pending.pod +++ b/doc/ssl/SSL_pending.pod @@ -25,6 +25,19 @@ L. The number of bytes pending is returned. +=head1 BUGS + +SSL_pending() takes into account only bytes from the TLS/SSL record +that is currently being processed (if any). If the B object's +I flag is set, additional protocol bytes may have been +read containing more TLS/SSL records; these are ignored by +SSL_pending(). + +SSL_pending() does not check if the record type of pending data is +application data. + +=head1 SEE ALSO + L, L =cut diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index 8ffe5904d5..a4a3959dc0 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -625,15 +625,21 @@ connection defined in the B structure. L, L, L, L, -L, L, +L, +L +L, +L L, L, +L, L, L, L, L, L, L, -L, L, +L, +L, +L, L, L, L, L, L, diff --git a/e_os.h b/e_os.h index 0c0784f9a9..f44f39300c 100644 --- a/e_os.h +++ b/e_os.h @@ -355,12 +355,14 @@ extern HINSTANCE _hInstance; # if defined(VMS) && !defined(__DECC) # include # include +# include # else # include # ifdef FILIO_H # include /* Added for FIONBIO under unixware */ # endif # include +# include # endif # if defined(NeXT) || defined(_NEXT_SOURCE) @@ -448,19 +450,6 @@ extern char *sys_errlist[]; extern int sys_nerr; #define IRIX_CC_BUG /* CDS++ up to V2.0Bsomething suffered from the same bug.*/ #endif -#ifdef NO_MD2 -#define MD2_Init MD2Init -#define MD2_Update MD2Update -#define MD2_Final MD2Final -#define MD2_DIGEST_LENGTH 16 -#endif -#ifdef NO_MD5 -#define MD5_Init MD5Init -#define MD5_Update MD5Update -#define MD5_Final MD5Final -#define MD5_DIGEST_LENGTH 16 -#endif - #ifdef __cplusplus } #endif diff --git a/ms/test.bat b/ms/test.bat index ef37beaa22..8f69194283 100755 --- a/ms/test.bat +++ b/ms/test.bat @@ -1,4 +1,4 @@ -@echo=off +@echo off set test=..\ms set opath=%PATH% diff --git a/openssl.spec b/openssl.spec index 1c8f4e9d81..33a47116d6 100644 --- a/openssl.spec +++ b/openssl.spec @@ -96,8 +96,8 @@ perl util/perlpath.pl /usr/bin/perl #!#./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-ppc shared %endif %ifarch alpha -./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-alpha -#!#./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-alpha shared +./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-alpha-gcc +#!#./Configure %{CONFIG_FLAGS} --openssldir=%{openssldir} linux-alpha-gcc shared %endif LD_LIBRARY_PATH=`pwd` make LD_LIBRARY_PATH=`pwd` make rehash diff --git a/rsaref/Makefile.ssl b/rsaref/Makefile.ssl index 69d41a9a6d..8f27c48a5a 100644 --- a/rsaref/Makefile.ssl +++ b/rsaref/Makefile.ssl @@ -39,7 +39,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl index 04dd3e8663..61b9cee090 100644 --- a/ssl/Makefile.ssl +++ b/ssl/Makefile.ssl @@ -55,7 +55,8 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) + @echo You may get an error following this line. Please ignore. + - $(RANLIB) $(LIB) @touch lib files: diff --git a/ssl/ssl.h b/ssl/ssl.h index fdbdc70ba7..87e609ed37 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1178,7 +1178,7 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void ); #define SSL_CTX_get_read_ahead(ctx) \ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL) #define SSL_CTX_set_read_ahead(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,0,NULL) + SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL) /* NB: the keylength is only applicable when is_export is true */ #ifndef NO_RSA diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 635b25062e..fec98dd8f4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -119,7 +119,9 @@ int SSL_clear(SSL *s) s->client_version=s->version; s->rwstate=SSL_NOTHING; s->rstate=SSL_ST_READ_HEADER; +#if 0 s->read_ahead=s->ctx->read_ahead; +#endif if (s->init_buf != NULL) { @@ -229,6 +231,7 @@ SSL *SSL_new(SSL_CTX *ctx) s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1; s->options=ctx->options; s->mode=ctx->mode; + s->read_ahead=ctx->read_ahead; /* used to happen in SSL_clear */ SSL_clear(s); CRYPTO_new_ex_data(ssl_meth,s,&s->ex_data); diff --git a/util/libeay.num b/util/libeay.num index e8eebbf50c..e278b11fc3 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -301,8 +301,8 @@ EVP_des_ede_cfb 308 EXIST::FUNCTION:DES EVP_des_ede_ofb 309 EXIST::FUNCTION:DES EVP_des_ofb 310 EXIST::FUNCTION:DES EVP_desx_cbc 311 EXIST::FUNCTION:DES -EVP_dss 312 EXIST::FUNCTION:DSA -EVP_dss1 313 EXIST::FUNCTION:DSA +EVP_dss 312 EXIST::FUNCTION:DSA,SHA +EVP_dss1 313 EXIST::FUNCTION:DSA,SHA EVP_enc_null 314 EXIST::FUNCTION: EVP_get_cipherbyname 315 EXIST::FUNCTION: EVP_get_digestbyname 316 EXIST::FUNCTION: @@ -926,7 +926,7 @@ PKCS7_add_signature 938 EXIST::FUNCTION: PKCS7_cert_from_signer_info 939 EXIST::FUNCTION: PKCS7_get_signer_info 940 EXIST::FUNCTION: EVP_delete_alias 941 NOEXIST::FUNCTION: -EVP_mdc2 942 EXIST::FUNCTION: +EVP_mdc2 942 EXIST::FUNCTION:MDC2 PEM_read_bio_RSAPublicKey 943 EXIST::FUNCTION:RSA PEM_write_bio_RSAPublicKey 944 EXIST::FUNCTION:RSA d2i_RSAPublicKey_bio 945 EXIST::FUNCTION:RSA diff --git a/util/mkdef.pl b/util/mkdef.pl index cc41a1813e..ba453358cf 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -119,7 +119,7 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-rc4$/) { $no_rc4=1; } elsif (/^no-rc5$/) { $no_rc5=1; } elsif (/^no-idea$/) { $no_idea=1; } - elsif (/^no-des$/) { $no_des=1; } + elsif (/^no-des$/) { $no_des=1; $no_mdc2=1; } elsif (/^no-bf$/) { $no_bf=1; } elsif (/^no-cast$/) { $no_cast=1; } elsif (/^no-md2$/) { $no_md2=1; } @@ -705,7 +705,8 @@ EOF } else { (my $n, my $i) = split /\\/, $nums{$s}; my %pf = (); - my @p = split(/,/, ($i =~ /^.*?:(.*?):/,$1)); + my @p = split(/,/, ($i =~ /^[^:]*:([^:]*):/,$1)); + my @a = split(/,/, ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1)); # @p_purged must contain hardware platforms only my @p_purged = (); foreach $ptmp (@p) { @@ -727,7 +728,26 @@ EOF || (!$negatives && ($rsaref || !grep(/^RSAREF$/,@p))) || ($negatives - && (!$rsaref || !grep(/^!RSAREF$/,@p))))) { + && (!$rsaref || !grep(/^!RSAREF$/,@p)))) + && (!@a || (!$no_rc2 || !grep(/^RC2$/,@a))) + && (!@a || (!$no_rc4 || !grep(/^RC4$/,@a))) + && (!@a || (!$no_rc5 || !grep(/^RC5$/,@a))) + && (!@a || (!$no_idea || !grep(/^IDEA$/,@a))) + && (!@a || (!$no_des || !grep(/^DES$/,@a))) + && (!@a || (!$no_bf || !grep(/^BF$/,@a))) + && (!@a || (!$no_cast || !grep(/^CAST$/,@a))) + && (!@a || (!$no_md2 || !grep(/^MD2$/,@a))) + && (!@a || (!$no_md4 || !grep(/^MD4$/,@a))) + && (!@a || (!$no_md5 || !grep(/^MD5$/,@a))) + && (!@a || (!$no_sha || !grep(/^SHA$/,@a))) + && (!@a || (!$no_ripemd || !grep(/^RIPEMD$/,@a))) + && (!@a || (!$no_mdc2 || !grep(/^MDC2$/,@a))) + && (!@a || (!$no_rsa || !grep(/^RSA$/,@a))) + && (!@a || (!$no_dsa || !grep(/^DSA$/,@a))) + && (!@a || (!$no_dh || !grep(/^DH$/,@a))) + && (!@a || (!$no_hmac || !grep(/^HMAC$/,@a))) + && (!@a || (!$no_fp_api || !grep(/^FP_API$/,@a))) + ) { printf OUT " %s%-40s@%d\n",($W32)?"":"_",$s,$n; # } else { # print STDERR "DEBUG: \"$sym\" (@p):", -- 2.25.1