From b5b000d77e05a9321bf847da4aa4efc9a0722091 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 23 Jul 2002 14:49:57 +0000 Subject: [PATCH] Merge in recent changes from OpenSSL_0_9_6-stable. --- Makefile.org | 2 +- TABLE | 4 ++-- apps/apps.c | 7 ++++--- doc/crypto/RSA_check_key.pod | 19 ------------------- doc/ssl/SSL_accept.pod | 1 + doc/ssl/SSL_connect.pod | 1 + doc/ssl/SSL_set_connect_state.pod | 1 + doc/ssl/SSL_write.pod | 3 +++ doc/ssl/ssl.pod | 1 + ssl/ssl.h | 2 -- 10 files changed, 14 insertions(+), 27 deletions(-) diff --git a/Makefile.org b/Makefile.org index 55581041b9..1ad6f3b76b 100644 --- a/Makefile.org +++ b/Makefile.org @@ -664,7 +664,7 @@ install: all install_docs ( echo installing $$i; \ if [ "$(PLATFORM)" != "Cygwin" ]; then \ cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ + chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ else \ c=`echo $$i | sed 's/^lib/cyg/'`; \ cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \ diff --git a/TABLE b/TABLE index 73fb17babe..3a31748883 100644 --- a/TABLE +++ b/TABLE @@ -1106,7 +1106,7 @@ $ranlib = *** darwin-ppc-cc $cc = cc -$cflags = -O3 -D_DARWIN -DB_ENDIAN +$cflags = -O3 -D_DARWIN -DB_ENDIAN -fno-common $unistd = $thread_cflag = -D_REENTRANT $lflags = @@ -3124,7 +3124,7 @@ $rc5_obj = $dso_scheme = dlfcn $shared_target= solaris-shared $shared_cflag = -fPIC -$shared_ldflag = +$shared_ldflag = -m64 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) $ranlib = diff --git a/apps/apps.c b/apps/apps.c index be00a89b91..0aaacc04e4 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -764,7 +764,7 @@ int set_name_ex(unsigned long *flags, const char *arg) void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) { - char buf[256]; + char *buf; char mline = 0; int indent = 0; if(title) BIO_puts(out, title); @@ -773,9 +773,10 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags) indent = 4; } if(lflags == XN_FLAG_COMPAT) { - X509_NAME_oneline(nm,buf,256); - BIO_puts(out,buf); + buf = X509_NAME_oneline(nm, 0, 0); + BIO_puts(out, buf); BIO_puts(out, "\n"); + OPENSSL_free(buf); } else { if(mline) BIO_puts(out, "\n"); X509_NAME_print_ex(out, nm, indent, lflags); diff --git a/doc/crypto/RSA_check_key.pod b/doc/crypto/RSA_check_key.pod index 3d824a07f5..d2db47e978 100644 --- a/doc/crypto/RSA_check_key.pod +++ b/doc/crypto/RSA_check_key.pod @@ -37,25 +37,6 @@ and public exponent elements populated. It performs integrity checks on all the RSA key material, so the RSA key structure must contain all the private key data too. -Unlike most other RSA functions, this function does B work -transparently with any underlying ENGINE implementation because it uses the -key data in the RSA structure directly. An ENGINE implementation can -override the way key data is stored and handled, and can even provide -support for HSM keys - in which case the RSA structure may contain B -key data at all! If the ENGINE in question is only being used for -acceleration or analysis purposes, then in all likelihood the RSA key data -is complete and untouched, but this can't be assumed in the general case. - -=head1 BUGS - -A method of verifying the RSA key using opaque RSA API functions might need -to be considered. Right now RSA_check_key() simply uses the RSA structure -elements directly, bypassing the RSA_METHOD table altogether (and -completely violating encapsulation and object-orientation in the process). -The best fix will probably be to introduce a "check_key()" handler to the -RSA_METHOD function table so that alternative implementations can also -provide their own verifiers. - =head1 SEE ALSO L, L diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod index ac6caf9baa..a673edba85 100644 --- a/doc/ssl/SSL_accept.pod +++ b/doc/ssl/SSL_accept.pod @@ -69,6 +69,7 @@ to find out the reason. L, L, L, L, L, L, +L, L =cut diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod index 766f1876aa..8426310c0d 100644 --- a/doc/ssl/SSL_connect.pod +++ b/doc/ssl/SSL_connect.pod @@ -66,6 +66,7 @@ to find out the reason. L, L, L, L, L, L, +L, L =cut diff --git a/doc/ssl/SSL_set_connect_state.pod b/doc/ssl/SSL_set_connect_state.pod index 7adf8adfed..d88a057def 100644 --- a/doc/ssl/SSL_set_connect_state.pod +++ b/doc/ssl/SSL_set_connect_state.pod @@ -49,6 +49,7 @@ information. L, L, L, L, L, L, L, +L, L =cut diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod index dfa42e9aee..e013c12d52 100644 --- a/doc/ssl/SSL_write.pod +++ b/doc/ssl/SSL_write.pod @@ -65,6 +65,9 @@ When an SSL_write() operation has to be repeated because of B or B, it must be repeated with the same arguments. +When calling SSL_write() with num=0 bytes to be sent the behaviour is +undefined. + =head1 RETURN VALUES The following return values can occur: diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index 79b19d9eb1..2dcee0385a 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -682,6 +682,7 @@ L, L, L, L, +L, L, L, L, diff --git a/ssl/ssl.h b/ssl/ssl.h index 370306ba2b..0c2044fa8c 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -372,8 +372,6 @@ typedef struct ssl_session_st /* SSL_OP_ALL: various bug workarounds that should be rather harmless */ #define SSL_OP_ALL 0x000FFFFFL -/* As server, disallow session resumption on renegotiation */ -#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L /* If set, always create a new key when using tmp_dh parameters */ #define SSL_OP_SINGLE_DH_USE 0x00100000L /* Set to also use the tmp_rsa key when doing RSA operations. */ -- 2.25.1