wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Include some fixes from 0.9.8-stable branch.

Browse source
This commit is contained in:
Dr. Stephen Henson 2007-09-19 00:02:49 +00:00
parent 90ac9ec264
commit f36a8c2060
18 changed files with 149 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
Configure
View file

@ -1227,9 +1227,13 @@ $cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
#
if ($target =~ /\-icc$/) # Intel C compiler
{
my($iccver)=`$cc -V 2>&1`;
if ($iccver =~ /Version ([0-9]+)\./) { $iccver=$1; }
else { $iccver=0; }
my $iccver=0;
if (open(FD,"$cc -V 2>&1 |"))
{
while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
close(FD);
}
if ($iccver>=8)
{
# Eliminate unnecessary dependency from libirc.a. This is
@ -1237,6 +1241,15 @@ if ($target =~ /\-icc$/) # Intel C compiler
# apps/openssl can end up in endless loop upon startup...
$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
}
if ($iccver>=9)
{
$cflags.=" -i-static";
$cflags=~s/\-no_cpprt/-no-cpprt/;
}
if ($iccver>=10)
{
$cflags=~s/\-i\-static/-static-intel/;
}
}
# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time

4
Makefile.shared
View file

@ -466,7 +466,7 @@ link_o.hpux:
ALLSYMSFLAGS='-Wl,-Fl'; \
NOALLSYMSFLAGS=''; \
expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
fi; \
rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
@ -479,7 +479,7 @@ link_a.hpux:
ALLSYMSFLAGS='-Wl,-Fl'; \
NOALLSYMSFLAGS=''; \
expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
fi; \
rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX

62
TABLE
View file

@ -947,7 +947,7 @@ $arflags =
*** darwin-i386-cc
$cc = cc
$cflags = -O3 -fomit-frame-pointer -fno-common
$cflags = -arch i386 -O3 -fomit-frame-pointer -fno-common
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
@ -967,14 +967,14 @@ $rc5_obj =
$dso_scheme = dlfcn
$shared_target= darwin-shared
$shared_cflag = -fPIC -fno-common
$shared_ldflag = -dynamiclib
$shared_ldflag = -arch i386 -dynamiclib
$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
$ranlib =
$arflags =
*** darwin-ppc-cc
$cc = cc
$cflags = -O3 -DB_ENDIAN
$cflags = -arch ppc -O3 -DB_ENDIAN
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
@ -994,7 +994,61 @@ $rc5_obj =
$dso_scheme = dlfcn
$shared_target= darwin-shared
$shared_cflag = -fPIC -fno-common
$shared_ldflag = -dynamiclib
$shared_ldflag = -arch ppc -dynamiclib
$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
$ranlib =
$arflags =
*** darwin64-ppc-cc
$cc = cc
$cflags = -arch ppc64 -O3 -DB_ENDIAN
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
$lflags = -Wl,-search_paths_first%
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
$cpuid_obj = ppccpuid_osx64.o
$bn_obj = osx_ppc64.o osx_ppc64-mont.o
$des_obj =
$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj = sha1-ppc_osx64.o sha256-ppc_osx64.o sha512-ppc_osx64.o
$cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme =
$shared_target=
$shared_cflag = dlfcn
$shared_ldflag = darwin-shared
$shared_extension = -fPIC -fno-common
$ranlib = -arch ppc64 -dynamiclib
$arflags = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
*** darwin64-x86_64-cc
$cc = cc
$cflags = -arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
$lflags = -Wl,-search_paths_first%
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
$cpuid_obj =
$bn_obj =
$des_obj =
$aes_obj =
$bf_obj =
$md5_obj =
$sha1_obj =
$cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
$dso_scheme = dlfcn
$shared_target= darwin-shared
$shared_cflag = -fPIC -fno-common
$shared_ldflag = -arch x86_64 -dynamiclib
$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
$ranlib =
$arflags =

22
apps/dgst.c
View file

@ -256,29 +256,33 @@ ERR_load_crypto_strings();
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm (default)\n",
LN_md5,LN_md5);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_md4,LN_md4);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_md2,LN_md2);
#ifndef OPENSSL_NO_SHA
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_sha1,LN_sha1);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_sha,LN_sha);
#ifndef OPENSSL_NO_SHA256
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_sha224,LN_sha224);
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_sha256,LN_sha256);
#endif
#ifndef OPENSSL_NO_SHA512
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_sha384,LN_sha384);
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_sha512,LN_sha512);
#endif
#endif
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_mdc2,LN_mdc2);
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
LN_ripemd160,LN_ripemd160);
err=1;
goto end;

10
crypto/aes/aes_ige.c
View file

@ -62,9 +62,11 @@ typedef struct {
/* XXX: probably some better way to do this */
#if defined(__i386__) || defined(__x86_64__)
#define UNALIGNED_MEMOPS_ARE_FAST 1
#else
#define UNALIGNED_MEMOPS_ARE_FAST 0
#endif
#ifdef UNALIGNED_MEMOPS_ARE_FAST
#if UNALIGNED_MEMOPS_ARE_FAST
#define load_block(d, s) (d) = *(const aes_block_t *)(s)
#define store_block(d, s) *(aes_block_t *)(d) = (s)
#else
@ -89,7 +91,8 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
if (AES_ENCRYPT == enc)
{
if (in != out)
if (in != out &&
(UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
{
aes_block_t *ivp = (aes_block_t *)ivec;
aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
@ -143,7 +146,8 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
}
else
{
if(in != out)
if (in != out &&
(UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
{
aes_block_t *ivp = (aes_block_t *)ivec;
aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);

4
crypto/bio/b_print.c
View file

@ -79,7 +79,7 @@
#include <openssl/bn.h> /* To get BN_LLONG properly defined */
#include <openssl/bio.h>
#ifdef BN_LLONG
#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
# ifndef HAVE_LONG_LONG
# define HAVE_LONG_LONG 1
# endif
@ -117,7 +117,7 @@
#if HAVE_LONG_LONG
# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
# define LLONG _int64
# define LLONG __int64
# else
# define LLONG long long
# endif

10
crypto/bio/b_sock.c
View file

@ -456,9 +456,6 @@ int BIO_sock_init(void)
{
int err;
#ifdef SIGINT
signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
#endif
wsa_init_done=1;
memset(&wsa_state,0,sizeof(wsa_state));
if (WSAStartup(0x0101,&wsa_state)!=0)
@ -484,11 +481,6 @@ int BIO_sock_init(void)
if (!wsa_init_done)
{
# ifdef SIGINT
signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
# endif
wsa_init_done=1;
wVerReq = MAKEWORD( 2, 0 );
err = WSAStartup(wVerReq,&wsaData);
@ -511,7 +503,7 @@ void BIO_sock_cleanup(void)
{
wsa_init_done=0;
#ifndef OPENSSL_SYS_WINCE
WSACancelBlockingCall();
WSACancelBlockingCall(); /* Winsock 1.1 specific */
#endif
WSACleanup();
}

16
crypto/bio/bio.h
View file

@ -129,8 +129,8 @@ extern "C" {
/* dgram BIO stuff */
#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */
#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally
* connected socket to be
* passed in */
* connected socket to be
* passed in */
#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
@ -146,14 +146,14 @@ extern "C" {
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this
* if asking the kernel
* fails */
* MTU. want to use this
* if asking the kernel
* fails */
#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU
* was exceed in the
* previous write
* operation */
* was exceed in the
* previous write
* operation */
#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */

2
crypto/bn/bn_mont.c
View file

@ -299,6 +299,8 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
}
for (ri+=4; i<ri; i++)
rp[i]=nrp[i], ap[i]=0;
bn_correct_top(r);
bn_correct_top(ret);
# else
if (bn_wexpand(ret,al) == NULL) goto err;
ret->top=al;

4
crypto/bn/bn_prime.c
View file

@ -377,14 +377,14 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
static int probable_prime(BIGNUM *rnd, int bits)
{
int i;
BN_ULONG mods[NUMPRIMES];
prime_t mods[NUMPRIMES];
BN_ULONG delta,maxdelta;
again:
if (!BN_rand(rnd,bits,1,1)) return(0);
/* we now have a random number 'rand' to test. */
for (i=1; i<NUMPRIMES; i++)
mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
mods[i]=(prime_t)BN_mod_word(rnd,(BN_ULONG)primes[i]);
maxdelta=BN_MASK2 - primes[NUMPRIMES-1];
delta=0;
loop: for (i=1; i<NUMPRIMES; i++)

4
crypto/bn/bn_prime.h
View file

@ -58,10 +58,12 @@
#ifndef EIGHT_BIT
#define NUMPRIMES 2048
typedef unsigned short prime_t;
#else
#define NUMPRIMES 54
typedef unsigned char prime_t;
#endif
static const unsigned int primes[NUMPRIMES]=
static const prime_t primes[NUMPRIMES]=
{
2, 3, 5, 7, 11, 13, 17, 19,
23, 29, 31, 37, 41, 43, 47, 53,

4
crypto/bn/bn_prime.pl
View file

@ -101,10 +101,12 @@ for ($i=0; $i <= $#primes; $i++)
printf "#ifndef EIGHT_BIT\n";
printf "#define NUMPRIMES %d\n",$num;
printf "typedef unsigned short prime_t;\n";
printf "#else\n";
printf "#define NUMPRIMES %d\n",$eight;
printf "typedef unsigned char prime_t;\n";
printf "#endif\n";
print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t";
$init=0;
for ($i=0; $i <= $#primes; $i++)
{

2
crypto/des/set_key.c
View file

@ -116,7 +116,7 @@ int DES_check_key_parity(const_DES_cblock *key)
* (and actual cblock values).
*/
#define NUM_WEAK_KEY 16
static DES_cblock weak_keys[NUM_WEAK_KEY]={
static const DES_cblock weak_keys[NUM_WEAK_KEY]={
/* weak keys */
{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},

2
crypto/pqueue/pq_compat.h
View file

@ -57,7 +57,7 @@
*
*/
#include "opensslconf.h"
#include <openssl/opensslconf.h>
#include <openssl/bn.h>
/*

8
doc/apps/enc.pod
View file

@ -227,6 +227,14 @@ Blowfish and RC5 algorithms use a 128 bit key.
rc5-ecb RC5 cipher in ECB mode
rc5-ofb RC5 cipher in OFB mode
aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode
aes-[128|192|256] Alias for aes-[128|192|256]-cbc
aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode
aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode
aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode
aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode
aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode
=head1 EXAMPLES
Just base64 encode a binary file:

16
doc/apps/openssl.pod
View file

@ -227,6 +227,22 @@ SHA Digest
SHA-1 Digest
=item B<sha224>
SHA-224 Digest
=item B<sha256>
SHA-256 Digest
=item B<sha384>
SHA-384 Digest
=item B<sha512>
SHA-512 Digest
=back
=head2 ENCODING AND CIPHER COMMANDS

2
doc/apps/rsautl.pod
View file

@ -152,7 +152,7 @@ The final BIT STRING contains the actual signature. It can be extracted with:
The certificate public key can be extracted with:
openssl x509 -in test/testx509.pem -pubout -noout >pubkey.pem
openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
The signature can be analysed with:

5
ssl/d1_srvr.c
View file

@ -1009,6 +1009,7 @@ int dtls1_send_certificate_request(SSL *s)
STACK_OF(X509_NAME) *sk=NULL;
X509_NAME *name;
BUF_MEM *buf;
unsigned int msg_len;
if (s->state == SSL3_ST_SW_CERT_REQ_A)
{
@ -1086,6 +1087,10 @@ int dtls1_send_certificate_request(SSL *s)
#endif
/* XDTLS: set message header ? */
msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
dtls1_set_message_header(s, s->init_buf->data,
SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0, msg_len);
/* buffer the message to handle re-xmits */
dtls1_buffer_message(s, 0);