Skip to content

Commit

Permalink
Revert OPENSSL_EXPERIMENTAL patch.
Browse files Browse the repository at this point in the history 
Change it so JPAKE uses the standard OPENSSL_NO_JPAKE instead.
  • Loading branch information
@snhenson
snhenson committed Nov 24, 2008
1 parent 14d4074 commit 5a02ac6
Show file tree
Hide file tree
Showing 12 changed files with 45 additions and 71 deletions.
6 changes: 0 additions & 6 deletions CHANGES
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,6 @@
obligation to set up the dynamic locking callbacks.)
[Sander Temme <sander@temme.net>]

*) Update Configure code and WIN32 build scripts to support experimental
code. This is surrounded by OPENSSL_EXPERIMENTAL_FOO and not compiled
in by default. Using the configuration option "enable-experimental-foo"
enables it. Use this option for JPAKE.
[Steve Henson]

*) Use correct exit code if there is an error in dgst command.
[Steve Henson; problem pointed out by Roland Dirlewanger]

Expand Down
13 changes: 2 additions & 11 deletions Configure
View file
Original file line number Diff line number Diff line change
Expand Up @@ -588,7 +588,6 @@ my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
my $jpake=1; # but "no-jpake" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $montasm=1; # but "no-montasm" is default
Expand Down Expand Up @@ -629,7 +628,7 @@ my %disabled = ( # "what" => "comment"
"camellia" => "default",
"capieng" => "default",
"cms" => "default",
"experimental-jpake" => "default",
"jpake" => "default",
"gmp" => "default",
"mdc2" => "default",
"montasm" => "default", # explicit option in 0.9.8 only (implicitly enabled in 0.9.9)
Expand All @@ -647,8 +646,7 @@ my %disabled = ( # "what" => "comment"
# For symmetry, "disable-..." is a synonym for "no-...".

# This is what $depflags will look like with the above default:
my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT ";

my $default_depflags = " -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT ";

my $no_sse2=0;

Expand Down Expand Up @@ -977,8 +975,6 @@ foreach (sort (keys %disabled))
{ $no_threads = 1; }
elsif (/^shared$/)
{ $no_shared = 1; }
elsif (/^experimental-jpake$/)
{ $jpake = 0; push @skip, "jpake"}
elsif (/^zlib$/)
{ $zlib = 0; }
elsif (/^montasm$/)
Expand Down Expand Up @@ -1216,11 +1212,6 @@ if ($threads)
$openssl_thread_defines .= $thread_defines;
}

if ($jpake)
{
$openssl_other_defines .= "#define OPENSSL_EXPERIMENTAL_JPAKE\n";
}

if ($zlib)
{
$cflags = "-DZLIB $cflags";
Expand Down
4 changes: 2 additions & 2 deletions apps/apps.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@
#include <openssl/rsa.h>
#endif
#include <openssl/bn.h>
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h>
#endif

Expand Down Expand Up @@ -2338,7 +2338,7 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx)
BIO_free(out);
}

#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE

static JPAKE_CTX *jpake_init(const char *us, const char *them,
const char *secret)
Expand Down
2 changes: 1 addition & 1 deletion apps/apps.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -338,7 +338,7 @@ X509_NAME *parse_name(char *str, long chtype, int multirdn);
int args_verify(char ***pargs, int *pargc,
int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
void policies_print(BIO *out, X509_STORE_CTX *ctx);
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
#endif
Expand Down
6 changes: 3 additions & 3 deletions apps/s_client.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -338,7 +338,7 @@ int MAIN(int argc, char **argv)
int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long mtu = 0;
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif

Expand Down Expand Up @@ -585,7 +585,7 @@ int MAIN(int argc, char **argv)
/* meth=TLSv1_client_method(); */
}
#endif
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
Expand Down Expand Up @@ -897,7 +897,7 @@ SSL_set_tlsext_status_ids(con, ids);
#endif
}
#endif
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
if (jpake_secret)
jpake_client_auth(bio_c_out, sbio, jpake_secret);
#endif
Expand Down
6 changes: 3 additions & 3 deletions apps/s_server.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -742,7 +742,7 @@ BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
#endif
int MAIN(int, char **);

#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
static char *jpake_secret = NULL;
#endif

Expand Down Expand Up @@ -1076,7 +1076,7 @@ int MAIN(int argc, char *argv[])
}

#endif
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
Expand Down Expand Up @@ -1684,7 +1684,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
test=BIO_new(BIO_f_nbio_test());
sbio=BIO_push(test,sbio);
}
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
if(jpake_secret)
jpake_server_auth(bio_s_out, sbio, jpake_secret);
#endif
Expand Down
4 changes: 2 additions & 2 deletions crypto/err/err_all.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
#endif
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h>
#endif

Expand Down Expand Up @@ -154,7 +154,7 @@ void ERR_load_crypto_strings(void)
#ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
#endif
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
#ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings();
#endif
#endif
Expand Down
4 changes: 2 additions & 2 deletions crypto/jpake/jpake.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@

#include <openssl/opensslconf.h>

#ifndef OPENSSL_EXPERIMENTAL_JPAKE
#error JPAKE is disabled
#ifdef OPENSSL_NO_JPAKE
#error JPAKE is disabled.
#endif

#ifdef __cplusplus
Expand Down
2 changes: 1 addition & 1 deletion crypto/jpake/jpaketest.c
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#include <openssl/err.h>

#ifndef OPENSSL_EXPERIMENTAL_JPAKE
#ifdef OPENSSL_NO_JPAKE
int main(int argc, char *argv[])
{
printf("No J-PAKE support\n");
Expand Down
40 changes: 20 additions & 20 deletions util/libeay.num
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3702,23 +3702,23 @@ CRYPTO_dbg_remove_all_info 4090 EXIST::FUNCTION:
OPENSSL_init 4091 EXIST::FUNCTION:
private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
CRYPTO_strdup 4093 EXIST::FUNCTION:
JPAKE_STEP3A_process 4094 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP1_release 4095 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_get_shared_key 4096 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3B_init 4097 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP1_generate 4098 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP1_init 4099 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3B_process 4100 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP2_generate 4101 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_CTX_new 4102 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_CTX_free 4103 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3B_release 4104 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3A_release 4105 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP2_process 4106 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3B_generate 4107 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP1_process 4108 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3A_generate 4109 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP2_release 4110 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3A_init 4111 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
ERR_load_JPAKE_strings 4112 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP2_init 4113 EXIST:OPENSSL_EXPERIMENTAL_JPAKE:FUNCTION:
JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE
JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE
JPAKE_get_shared_key 4096 EXIST::FUNCTION:JPAKE
JPAKE_STEP3B_init 4097 EXIST::FUNCTION:JPAKE
JPAKE_STEP1_generate 4098 EXIST::FUNCTION:JPAKE
JPAKE_STEP1_init 4099 EXIST::FUNCTION:JPAKE
JPAKE_STEP3B_process 4100 EXIST::FUNCTION:JPAKE
JPAKE_STEP2_generate 4101 EXIST::FUNCTION:JPAKE
JPAKE_CTX_new 4102 EXIST::FUNCTION:JPAKE
JPAKE_CTX_free 4103 EXIST::FUNCTION:JPAKE
JPAKE_STEP3B_release 4104 EXIST::FUNCTION:JPAKE
JPAKE_STEP3A_release 4105 EXIST::FUNCTION:JPAKE
JPAKE_STEP2_process 4106 EXIST::FUNCTION:JPAKE
JPAKE_STEP3B_generate 4107 EXIST::FUNCTION:JPAKE
JPAKE_STEP1_process 4108 EXIST::FUNCTION:JPAKE
JPAKE_STEP3A_generate 4109 EXIST::FUNCTION:JPAKE
JPAKE_STEP2_release 4110 EXIST::FUNCTION:JPAKE
JPAKE_STEP3A_init 4111 EXIST::FUNCTION:JPAKE
ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE
JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE
7 changes: 3 additions & 4 deletions util/mk1mf.pl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -233,6 +233,7 @@
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
$cflags.=" -DOPENSSL_NO_CAPIENG" if $no_capieng;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
Expand All @@ -242,7 +243,6 @@
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
$cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_EXPERIMENTAL_JPAKE" if $jpake;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;

Expand Down Expand Up @@ -1021,8 +1021,8 @@ sub var_add
return("") if $no_dh && $dir =~ /\/dh/;
return("") if $no_ec && $dir =~ /\/ec/;
return("") if $no_cms && $dir =~ /\/cms/;
return("") if $no_jpake && $dir =~ /\/jpake/;
return("") if !$fips && $dir =~ /^fips/;
return("") if !$jpake && $dir =~ /\/jpake/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
Expand Down Expand Up @@ -1290,6 +1290,7 @@ sub read_options
"no-ssl3" => \$no_ssl3,
"no-tlsext" => \$no_tlsext,
"no-cms" => \$no_cms,
"no-jpake" => \$no_jpake,
"no-capieng" => \$no_capieng,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
Expand Down Expand Up @@ -1320,8 +1321,6 @@ sub read_options
"fips" => \$fips,
"fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
"fipsdso" => [\$fips, \$fipscanisterbuild, \$fipsdso],
"no-experimental-jpake" => 0,
"enable-experimental-jpake" => \$jpake,
);

if (exists $valid_options{$_})
Expand Down
22 changes: 6 additions & 16 deletions util/mkdef.pl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,7 @@
my $safe_stack_def = 0;

my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
"EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS",
"OPENSSL_EXPERIMENTAL_JPAKE" );
"EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS");
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
Expand All @@ -103,6 +102,8 @@
"CMS",
# CryptoAPI Engine
"CAPIENG",
# JPAKE
"JPAKE",
# Deprecated functions
"DEPRECATED" );

Expand All @@ -123,7 +124,7 @@
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia;
my $no_seed;
my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_tlsext; my $no_cms; my $no_capieng;
my $no_rfc3779; my $no_tlsext; my $no_cms; my $no_capieng; my $no_jpake;
my $fips;


Expand Down Expand Up @@ -153,10 +154,6 @@
$zlib = 1;
}

if ($_ eq "enable-experimental-jpake") {
$jpake = 1;
}

$do_ssl=1 if $_ eq "ssleay";
if ($_ eq "ssl") {
$do_ssl=1;
Expand Down Expand Up @@ -216,6 +213,7 @@
elsif (/^no-tlsext$/) { $no_tlsext=1; }
elsif (/^no-cms$/) { $no_cms=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
}


Expand Down Expand Up @@ -556,10 +554,6 @@ sub do_defs
$tag{$tag[$tag_i]}=2;
print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
}
if ($tag[$tag_i] eq "OPENSSL_EXPERIMENTAL_".$1) {
$tag{$tag[$tag_i]}=-2;
print STDERR "DEBUG: $file: chaged tag $1 = -2\n" if $debug;
}
$tag_i--;
}
} elsif (/^\#\s*endif/) {
Expand All @@ -569,8 +563,6 @@ sub do_defs
print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
if ($tag{$t}==2) {
$tag{$t}=-1;
} elsif ($tag{$t}==-2) {
$tag{$t}=1;
} else {
$tag{$t}=0;
}
Expand Down Expand Up @@ -1109,9 +1101,6 @@ sub is_valid
return 1;
}
if ($keyword eq "ZLIB" && $zlib) { return 1; }
if ($keyword eq "OPENSSL_EXPERIMENTAL_JPAKE" && $jpake) {
return 1;
}
return 0;
} else {
# algorithms
Expand Down Expand Up @@ -1156,6 +1145,7 @@ sub is_valid
if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
if ($keyword eq "CMS" && $no_cms) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }

# Nothing recognise as true
Expand Down

0 comments on commit 5a02ac6

Please sign in to comment.