Recent changes from 0.9.6-stable.

This commit is contained in:
Richard Levitte 2002-12-28 02:01:45 +00:00
parent f0c5491e9e
commit 2b4a238b5b
10 changed files with 74 additions and 28 deletions

View file

@ -132,8 +132,8 @@
standard headers). If it is a problem with OpenSSL itself, please
report the problem to <openssl-bugs@openssl.org> (note that your
message will be recorded in the request tracker publicly readable
via http://www.openssl.org/rt2.html and will be forwarded to a public
mailing list). Include the output of "make report" in your message.
via http://www.openssl.org/support/rt2.html and will be forwarded to a
public mailing list). Include the output of "make report" in your message.
Please check out the request tracker. Maybe the bug was already
reported or has already been fixed.
@ -154,7 +154,7 @@
in Makefile.ssl and run "make clean; make". Please send a bug
report to <openssl-bugs@openssl.org>, including the output of
"make report" in order to be added to the request tracker at
http://www.openssl.org/rt2.html.
http://www.openssl.org/support/rt2.html.
4. If everything tests ok, install OpenSSL with

View file

@ -58,6 +58,7 @@
#include <stdio.h>
#include <string.h>
#include <assert.h>
#include "cryptlib.h"
#include <openssl/crypto.h>
#include <openssl/safestack.h>
@ -206,10 +207,18 @@ int CRYPTO_get_new_dynlockid(void)
i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
/* If there was none, push, thereby creating a new one */
if (i == -1)
i=sk_CRYPTO_dynlock_push(dyn_locks,pointer);
/* Since sk_push() returns the number of items on the
stack, not the location of the pushed item, we need
to transform the returned number into a position,
by decreasing it. */
i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1;
else
/* If we found a place with a NULL pointer, put our pointer
in it. */
sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
if (!i)
if (i == -1)
{
dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
OPENSSL_free(pointer);
@ -400,17 +409,19 @@ void CRYPTO_lock(int mode, int type, const char *file, int line)
}
#endif
if (type < 0)
{
if (dynlock_lock_callback != NULL)
{
struct CRYPTO_dynlock_value *pointer
= CRYPTO_get_dynlock_value(type);
if (pointer && dynlock_lock_callback)
{
assert(pointer != NULL);
dynlock_lock_callback(mode, pointer, file, line);
}
CRYPTO_destroy_dynlockid(type);
}
}
else
if (locking_callback != NULL)
locking_callback(mode,type,file,line);

View file

@ -86,6 +86,7 @@
#endif
#include <sys/stat.h>
#endif
#include <openssl/crypto.h>
#include <openssl/des.h>
#include <openssl/rand.h>

View file

@ -217,6 +217,7 @@ end:
static int cb_exit(int ec)
{
EXIT(ec);
return(0); /* To keep some compilers quiet */
}
static void MS_CALLBACK dsa_cb(int p, int n, void *arg)

View file

@ -897,7 +897,7 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
ctx->chain=NULL;
}
CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data));
OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA));
memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
}
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)

View file

@ -105,7 +105,7 @@ SSL_METHOD *SSLv23_client_method(void)
int ssl23_connect(SSL *s)
{
BUF_MEM *buf;
BUF_MEM *buf=NULL;
unsigned long Time=time(NULL);
void (*cb)()=NULL;
int ret= -1;
@ -159,6 +159,7 @@ int ssl23_connect(SSL *s)
goto end;
}
s->init_buf=buf;
buf=NULL;
}
if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@ -207,6 +208,8 @@ int ssl23_connect(SSL *s)
}
end:
s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL)
cb(s,SSL_CB_CONNECT_EXIT,ret);
return(ret);

View file

@ -208,10 +208,13 @@ int ssl2_connect(SSL *s)
if (!BUF_MEM_grow(buf,
SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
{
if (buf == s->init_buf)
buf=NULL;
ret= -1;
goto end;
}
s->init_buf=buf;
buf=NULL;
s->init_num=0;
s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
s->ctx->stats.sess_connect++;
@ -338,6 +341,8 @@ int ssl2_connect(SSL *s)
}
end:
s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL)
cb(s,SSL_CB_CONNECT_EXIT,ret);
return(ret);

View file

@ -164,7 +164,7 @@ SSL_METHOD *SSLv3_client_method(void)
int ssl3_connect(SSL *s)
{
BUF_MEM *buf;
BUF_MEM *buf=NULL;
unsigned long Time=time(NULL),l;
long num1;
void (*cb)()=NULL;
@ -225,6 +225,7 @@ int ssl3_connect(SSL *s)
goto end;
}
s->init_buf=buf;
buf=NULL;
}
if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@ -503,6 +504,8 @@ int ssl3_connect(SSL *s)
}
end:
s->in_handshake--;
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL)
cb(s,SSL_CB_CONNECT_EXIT,ret);
return(ret);

View file

@ -112,8 +112,12 @@ $ssltest -bio_pair -server_auth -client_auth $CA || exit 1
#############################################################################
if ../apps/openssl no-dh; then
echo skipping anonymous DH tests
else
echo test tls1 with 1024bit anonymous DH, multiple handshakes
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1
fi
if ../apps/openssl no-rsa; then
echo skipping RSA tests
@ -121,8 +125,12 @@ else
echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1
if ../apps/openssl no-dh; then
echo skipping RSA+DHE tests
else
echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1
fi
fi
exit 0

View file

@ -159,16 +159,25 @@ $ if $severity .ne. 1 then goto exit3
$
$!###########################################################################
$
$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ no_rsa=$SEVERITY
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-dh
$ no_dh=$SEVERITY
$ set on
$ if save_severity
$
$ if no_dh
$ then
$ write sys$output "skipping anonymous DH tests"
$ else
$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ if no_rsa
$ then
$ write sys$output "skipping RSA tests"
$ else
@ -176,10 +185,15 @@ $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$
$ if no_dh
$ then
$ write sys$output "skipping RSA+DHE tests"
$ else
$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$ endif
$ endif
$
$ RET = 1
$ goto exit