Import of old SSLeay release: SSLeay 0.9.0b

diff --git a/COPYRIGHT b/COPYRIGHT
index 75b65cf1385e0cf9bb91afed0fc6703ab89c0270..4faa8c0a46c06721a92db4fa8515d955f92d6ff1 100644 (file)
--- a/COPYRIGHT
+++ b/COPYRIGHT
@@ -62,3 +62,4 @@ The reason behind this being stated in this direct manner is past
 experience in code simply being copied and the attribution removed
 from it and then being distributed as part of other packages. This
 implementation was a non-trivial and unpaid effort.
+

diff --git a/Configure b/Configure
index ab20385473983970e6e9c44e170ca9c20c93b23b..4f66d64e25c20d7ea6535450d79611e8702e2f3b 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -21,18 +21,22 @@
 #              This is used on the DEC Alpha where long is 8 bytes
 #              and int is 4
 # BN_LLONG     use the type 'long long' in crypto/bn/bn.h
-# MD2_CHAR     use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h
-# MD2_LONG     use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h
+# MD2_CHAR     use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# MD2_LONG     use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
 # IDEA_SHORT   use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
 # IDEA_LONG    use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
 # RC2_SHORT    use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
 # RC2_LONG     use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
 # RC4_CHAR     use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
 # RC4_LONG     use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_INDEX    define RC4_INDEX in crypto/rc4/rc4_enc.c.  This turns on
+# RC4_INDEX    define RC4_INDEX in crypto/rc4/rc4_locl.h.  This turns on
 #              array lookups instead of pointer use.
 # BF_PTR       use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
 # BF_PTR2      use a pentium/intel specific version.
+# MD5_ASM      use some extra md5 assember,
+# SHA1_ASM     use some extra sha1 assember, must define L_ENDIAN for x86
+# RMD160_ASM   use some extra ripemd160 assember,
+# BN_ASM       use some extra bn assember,
 
 $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
 
@@ -51,7 +55,13 @@ $tlib="-lnsl -lsocket";
 $bits1="THIRTY_TWO_BIT ";
 $bits2="SIXTY_FOUR_BIT ";
 
-# -DB_ENDIAN slows things down on a sparc
+$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
+$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
+
+# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
+# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
 
 #config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
 # des_asm:bf_asm
@@ -63,18 +73,17 @@ $bits2="SIXTY_FOUR_BIT ";
 
 # A few of my development configs
 "purify",      "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
-"debug",       "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"debug",       "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
 "dist",                "cc:-O -DNOPROTO::::",
 
 # Basic configs that should work on any box
 "gcc",         "gcc:-O3::BN_LLONG:::",
 "cc",          "cc:-O -DNOPROTO -DNOCONST:::::",
 
+
 # My solaris setups
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\
-       -lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o",
-"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\
-       -lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:",
+"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
 # DO NOT use /xO[34] on sparc with SC3.0. 
 # It is broken, and will not pass the tests
 "solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
@@ -116,30 +125,44 @@ $bits2="SIXTY_FOUR_BIT ";
 "alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
 
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
-# x86-lnx.o file file since it is hand tweaked assembler.
-"linux-elf",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
-"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
-"linux-aout",  "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-"NetBSD-sparc",        "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",  "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-"FreeBSD",   "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-#"bsdi-gcc",   "shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::",
-#"bsdi-gcc",     "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o",
-"bsdi-gcc",     "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::",
-"nextstep",    "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# bn86-elf.o file file since it is hand tweaked assembler.
+"linux-elf",   "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout",  "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"NetBSD-sparc",        "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-m86",  "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86",  "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"FreeBSD",   "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+#"bsdi-gcc",     "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
+"nextstep",    "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# NCR MP-RAS UNIX ver 02.03.01
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
 
 # UnixWare 2.0
-"unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
-"unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
+"unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
 
 # IBM's AIX.
 "aix-cc",   "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
 "aix-gcc",  "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
 
+#
+# Cray T90 (SDSC)
+# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
+# defined.  The T90 ints and longs are 8 bytes long, and apparently the
+# B_ENDIAN code assumes 4 byte ints.  Fortunately, the non-B_ENDIAN and
+# non L_ENDIAN code aligns the bytes in each word correctly.
+#
+# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
+#'Taking the address of a bit field is not allowed. '
+#'An expression with bit field exists as the operand of "sizeof" '
+# (written by Wayne Schroeder <schroede@SDSC.EDU>)
+"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::",
+
 # DGUX, 88100.
 "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
 "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",     "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"dgux-R4-x86-gcc",     "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 
 # SCO 5
 "sco5-cc",  "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
@@ -167,15 +190,21 @@ $Makefile="Makefile.ssl";
 $des_locl="crypto/des/des_locl.h";
 $des   ="crypto/des/des.h";
 $bn    ="crypto/bn/bn.h";
-$md2   ="crypto/md/md2.h";
+$md2   ="crypto/md2/md2.h";
 $rc4   ="crypto/rc4/rc4.h";
-$rc4_enc="crypto/rc4/rc4_enc.c";
+$rc4_locl="crypto/rc4/rc4_locl.h";
 $idea  ="crypto/idea/idea.h";
 $rc2   ="crypto/rc2/rc2.h";
 $bf    ="crypto/bf/bf_locl.h";
 $bn_mulw="bn_mulw.o";
 $des_enc="des_enc.o fcrypt_b.o";
 $bf_enc        ="bf_enc.o";
+$cast_enc="c_enc.o";
+$rc4_enc="rc4_enc.o";
+$rc5_enc="rc5_enc.o";
+$md5_obj="";
+$sha1_obj="";
+$rmd160_obj="";
 
 if ($#ARGV < 0)
        {
@@ -219,14 +248,33 @@ if (!defined($table{$target}))
        exit(1);
        }
 
-($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)=
+($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj,
+       $cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)=
        split(/\s*:\s*/,$table{$target});
 $cflags="$flags$cflags" if ($flags ne "");
 $lflags="$libs$lflags"if ($libs ne "");
 
-$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
-$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
-$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+$bn_obj=$bn_mulw       unless ($bn_obj =~ /\.o$/);
+$des_obj=$des_enc      unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc                unless ($bf_obj =~ /\.o$/);
+$cast_obj=$cast_enc    unless ($cast_obj =~ /\.o$/);
+$rc4_obj=$rc4_enc      unless ($rc4_obj =~ /\.o$/);
+$rc5_obj=$rc5_enc      unless ($rc5_obj =~ /\.o$/);
+if ($sha1_obj =~ /\.o$/)
+       {
+#      $sha1_obj=$sha1_enc;
+       $cflags.=" -DSHA1_ASM";
+       }
+if ($md5_obj =~ /\.o$/)
+       {
+#      $md5_obj=$md5_enc;
+       $cflags.=" -DMD5_ASM";
+       }
+if ($rmd160_obj =~ /\.o$/)
+       {
+#      $rmd160_obj=$rmd160_enc;
+       $cflags.=" -DRMD160_ASM";
+       }
 
 $n=&file_new($Makefile);
 open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n";
@@ -240,18 +288,30 @@ while (<IN>)
        s/^BN_MULW=.*$/BN_MULW= $bn_obj/;
        s/^DES_ENC=.*$/DES_ENC= $des_obj/;
        s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+       s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
+       s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
+       s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
+       s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
+       s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
+       s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
        print OUT $_."\n";
        }
 close(IN);
 close(OUT);
 &Rename($Makefile,&file_old($Makefile));
 &Rename($n,$Makefile);
-print "CC     =$cc\n";
-print "CFLAG  =$cflags\n";
-print "EX_LIBS=$lflags\n";
-print "BN_MULW=$bn_obj\n";
-print "DES_ENC=$des_obj\n";
-print "BF_ENC =$bf_obj\n";
+print "CC            =$cc\n";
+print "CFLAG         =$cflags\n";
+print "EX_LIBS       =$lflags\n";
+print "BN_MULW       =$bn_obj\n";
+print "DES_ENC       =$des_obj\n";
+print "BF_ENC        =$bf_obj\n";
+print "CAST_ENC      =$cast_obj\n";
+print "RC4_ENC       =$rc4_obj\n";
+print "RC5_ENC       =$rc5_obj\n";
+print "MD5_OBJ_ASM   =$md5_obj\n";
+print "SHA1_OBJ_ASM  =$sha1_obj\n";
+print "RMD160_OBJ_ASM=$rmd160_obj\n";
 
 $des_ptr=0;
 $des_risc1=0;
@@ -287,8 +347,8 @@ foreach (sort split(/\s+/,$bn_ops))
        $rc2_int=3 if /RC2_LONG/;
        $bf_ptr=1 if $_ eq "BF_PTR";
        $bf_ptr=2 if $_ eq "BF_PTR2";
-       ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
        ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+       ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
        ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
        ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
        ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
@@ -375,9 +435,9 @@ close(OUT);
 &Rename($rc4,&file_old($rc4));
 &Rename($n,$rc4);
 
-(($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($rc4_enc);
-open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n";
+(($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4_locl);
+open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n";
 open(OUT,">$n") || die "unable to read $n:$!\n";
 while (<IN>)
        {
@@ -388,8 +448,8 @@ while (<IN>)
        }
 close(IN);
 close(OUT);
-&Rename($rc4_enc,&file_old($rc4_enc));
-&Rename($n,$rc4_enc);
+&Rename($rc4_locl,&file_old($rc4_locl));
+&Rename($n,$rc4_locl);
 
 (($in=$md2) =~ s/\.([^.]+)/.$postfix/);
 $n=&file_new($md2);

diff --git a/HISTORY b/HISTORY
index 7844faa55d901386cae589b3d7250ae701e37805..7712100038657dd63e4a3e7532453026a0540073 100644 (file)
--- a/HISTORY
+++ b/HISTORY
@@ -1,3 +1,193 @@
+16-Mar-98
+       - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
+       - Lots and lots of changes
+
+29-Jan-98
+       - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
+         Goetz Babin-Ebell <babinebell@trustcenter.de>.
+       - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
+         TLS1_VERSION.
+
+7-Jan-98
+       - Finally reworked the cipher string to ciphers again, so it
+         works correctly
+       - All the app_data stuff is now ex_data with funcion calls to access.
+         The index is supplied by a function and 'methods' can be setup
+         for the types that are called on XXX_new/XXX_free.  This lets
+         applications get notified on creation and destruction.  Some of
+         the RSA methods could be implemented this way and I may do so.
+       - Oh yes, SSL under perl5 is working at the basic level.
+
+15-Dec-97
+       - Warning - the gethostbyname cache is not fully thread safe,
+         but it should work well enough.
+       - Major internal reworking of the app_data stuff.  More functions
+         but if you were accessing ->app_data directly, things will
+         stop working.
+       - The perlv5 stuff is working.  Currently on message digests,
+         ciphers and the bignum library.
+
+9-Dec-97
+       - Modified re-negotiation so that server initated re-neg
+         will cause a SSL_read() to return -1 should retry.
+         The danger otherwise was that the server and the
+         client could end up both trying to read when using non-blocking
+         sockets.
+
+4-Dec-97
+       - Lots of small changes
+       - Fix for binaray mode in Windows for the FILE BIO, thanks to
+         Bob Denny <rdenny@dc3.com>
+
+17-Nov-97
+       - Quite a few internal cleanups, (removal of errno, and using macros
+         defined in e_os.h).
+       - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
+         the automactic naming out output files was being stuffed up.
+
+29-Oct-97
+       - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
+         for x86.
+
+21-Oct-97
+       - Fixed a bug in the BIO_gethostbyname() cache.
+
+15-Oct-97
+       - cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
+         has also been improved.  At this point in time, on the pentium,
+         md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
+         des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
+         is %62 faster.
+
+12-Oct-97
+       - MEM_BUF_grow() has been fixed so that it always sets the buf->length
+         to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
+         way to set the length value correctly.
+
+10-Oct-97
+       - I now hash for certificate lookup on the raw DER encoded RDN (md5).
+         This breaks things again :-(.  This is efficent since I cache
+         the DER encoding of the RDN.
+       - The text DN now puts in the numeric OID instead of UNKNOWN.
+       - req can now process arbitary OIDs in the config file.
+       - I've been implementing md5 in x86 asm, much faster :-).
+       - Started sha1 in x86 asm, needs more work.
+       - Quite a few speedups in the BN stuff.  RSA public operation
+         has been made faster by caching the BN_MONT_CTX structure.
+         The calulating of the Ai where A*Ai === 1 mod m was rather
+         expensive.  Basically a 40-50% speedup on public operations.
+         The RSA speedup is now 15% on pentiums and %20 on pentium
+         pro.
+
+30-Sep-97
+       - After doing some profiling, I added x86 adm for bn_add_words(),
+         which just adds 2 arrays of longs together.  A %10 speedup
+         for 512 and 1024 bit RSA on the pentium pro.
+
+29-Sep-97
+       - Converted the x86 bignum assembler to us the perl scripts
+         for generation.
+
+23-Sep-97
+       - If SSL_set_session() is passed a NULL session, it now clears the
+         current session-id.
+
+22-Sep-97
+       - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
+         certificates.
+       - Bug in crypto/evp/encode.c where by decoding of 65 base64
+         encoded lines, one line at a time (via a memory BIO) would report
+         EOF after the first line was decoded.
+       - Fix in X509_find_by_issuer_and_serial() from
+         Dr Stephen Henson <shenson@bigfoot.com>
+
+19-Sep-97
+       - NO_FP_API and NO_STDIO added.
+       - Put in sh config command.  It auto runs Configure with the correct
+         parameters.
+
+18-Sep-97
+       - Fix x509.c so if a DSA cert has different parameters to its parent,
+         they are left in place.  Not tested yet.
+
+16-Sep-97
+       - ssl_create_cipher_list() had some bugs, fixes from
+         Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
+       - Fixed a bug in the Base64 BIO, where it would return 1 instead
+         of -1 when end of input was encountered but should retry.
+         Basically a Base64/Memory BIO interaction problem.
+       - Added a HMAC set of functions in preporarion for TLS work.
+
+15-Sep-97
+       - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
+       - Prime generation spead up %25 (512 bit prime, pentium pro linux)
+         by using montgomery multiplication in the prime number test.
+
+11-Sep-97
+       - Ugly bug in ssl3_write_bytes().  Basically if application land
+         does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
+         did not check the size and tried to copy the entire buffer.
+         This would tend to cause memory overwrites since SSLv3 has
+         a maximum packet size of 16k.  If your program uses
+         buffers <= 16k, you would probably never see this problem.
+       - Fixed a new errors that were cause by malloc() not returning
+         0 initialised memory..
+       - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
+         SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
+         since this flags stops SSLeay being able to handle client
+         cert requests correctly.
+
+08-Sep-97
+       - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
+         on, the SSL server routines will not use a SSL_SESSION that is
+         held in it's cache.  This in intended to be used with the session-id
+         callbacks so that while the session-ids are still stored in the
+         cache, the decision to use them and how to look them up can be
+         done by the callbacks.  The are the 'new', 'get' and 'remove'
+         callbacks.  This can be used to determine the session-id
+         to use depending on information like which port/host the connection
+         is coming from.  Since the are also SSL_SESSION_set_app_data() and
+         SSL_SESSION_get_app_data() functions, the application can hold
+         information against the session-id as well.
+
+03-Sep-97
+       - Added lookup of CRLs to the by_dir method,
+         X509_load_crl_file() also added.  Basically it means you can
+         lookup CRLs via the same system used to lookup certificates.
+       - Changed things so that the X509_NAME structure can contain
+         ASN.1 BIT_STRINGS which is required for the unique
+         identifier OID.
+       - Fixed some problems with the auto flushing of the session-id
+         cache.  It was not occuring on the server side.
+
+02-Sep-97
+       - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
+         which is the maximum number of entries allowed in the
+         session-id cache.  This is enforced with a simple FIFO list.
+         The default size is 20*1024 entries which is rather large :-).
+         The Timeout code is still always operating.
+
+01-Sep-97
+       - Added an argument to all the 'generate private key/prime`
+         callbacks.  It is the last parameter so this should not
+         break existing code but it is needed for C++.
+       - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
+         BIO.  This lets the BIO read and write base64 encoded data
+         without inserting or looking for '\n' characters.  The '-A'
+         flag turns this on when using apps/enc.c.
+       - RSA_NO_PADDING added to help BSAFE functionality.  This is a
+         very dangerous thing to use, since RSA private key
+         operations without random padding bytes (as PKCS#1 adds) can
+         be attacked such that the private key can be revealed.
+       - ASN.1 bug and rc2-40-cbc and rc4-40 added by
+         Dr Stephen Henson <shenson@bigfoot.com>
+
+31-Aug-97 (stuff added while I was away)       
+       - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
+       - RSA_flags() added allowing bypass of pub/priv match check
+         in ssl/ssl_rsa.c - Tim Hudson.
+       - A few minor bugs.
+
 SSLeay 0.8.1 released.
 
 19-Jul-97

diff --git a/INSTALL b/INSTALL
index 9cbdfd7d33c423803f57179013c3a937ae4947ce..d394bf8a7b9eac0cc96d14069e34ba6673443211 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -38,7 +38,7 @@ make -f Makefile.ssl links
 Makefile.ssl           CC CFLAG EX_LIBS BN_MULW
 crypto/des/des.h       DES_LONG
 crypto/des/des_locl.h  DES_PTR
-crypto/md/md2.h                MD2_INT
+crypto/md2/md2.h       MD2_INT
 crypto/rc4/rc4.h       RC4_INT
 crypto/rc4/rc4_enc.c   RC4_INDEX
 crypto/rc2/rc2.h       RC2_INT

diff --git a/MINFO b/MINFO
index 024b85dc9e83dc13964377df2de13580743b7c59..0509f336489e6b62da5247dc7d2596553038e411 100644 (file)
--- a/MINFO
+++ b/MINFO
@@ -3,12 +3,13 @@ AR=ar r
 BASENAME=SSLeay
 BF_ENC=bf_enc.o
 BN_MULW=bn_mulw.o
+CAST_ENC=c_enc.o
 CC=cc
 CFLAG=-O -DNOPROTO
 DES_ENC=des_enc.o fcrypt_b.o
 DIRS=crypto ssl rsaref apps test tools
-EDIRS=times doc bugs util include certs ms shlib mt demos
-EX_HEADER=
+EDIRS=times doc bugs util include certs ms shlib mt demos perl dep
+EXHEADER=e_os.h
 EX_LIBS=
 GENERAL=Makefile
 HEADER=e_os.h
@@ -18,25 +19,32 @@ MAKE=make -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 MAN1=1
 MAN3=3
-MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com
-NAME=SSLeay-0.8.1
+MD5_ASM_OBJ=
+MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
+NAME=SSLeay-0.9.0
 ONEDIRS=out tmp
 PEX_LIBS=-L. -L.. -L../.. -L../../..
-SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+RC4_ENC=rc4_enc.o
+RC5_ENC=rc5_enc.o
+RMD160_ASM_OBJ=
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SHA1_ASM_OBJ=
 SHELL=/bin/sh
-TARFILE=SSLeay-0.8.1.tar
+TARFILE=SSLeay-0.9.0.tar
 TOP=.
-VERSION=0.8.1
+VERSION=0.9.0
 WDIRS=windows
-WTARFILE=SSLeay-0.8.1-win.tar
+WTARFILE=SSLeay-0.9.0-win.tar
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto
-ALL=Makefile README cryptlib.c mem.c cversion.c cryptlib.h date.h crypto.h cryptall.h
+ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
 DIR=crypto
+ERR=crypto
+ERRC=cpt_err
 EXHEADER=crypto.h cryptall.h
 EX_LIBS=
 GENERAL=Makefile README
@@ -45,39 +53,64 @@ INCLUDE=-I. -I../include
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libcrypto.a
-LIBOBJ=cryptlib.o mem.o cversion.o
+LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o cpt_err.o
 LIBS=
-LIBSRC=cryptlib.c mem.c cversion.c
+LIBSRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 PEX_LIBS=
 RM=/bin/rm -f
-SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
-SRC=cryptlib.c mem.c cversion.c
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
+SRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
 TOP=..
 RELATIVE_DIRECTORY=
-RELATIVE_DIRECTORY=crypto/md
-ALL=Makefile md2_dgst.c md5_dgst.c md2_one.c md5_one.c md5_locl.h md2.h md5.h
+RELATIVE_DIRECTORY=crypto/md2
+ALL=Makefile md2_dgst.c md5_one.c md2.h
 APPS=
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS= -g
 DIR=md
-EXHEADER=md2.h md5.h
+EXHEADER=md2.h
 GENERAL=Makefile
-HEADER=md5_locl.h md2.h md5.h
+HEADER=md2.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
-LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+LIBOBJ=md2_dgst.o md2_one.o
+LIBSRC=md2_dgst.c md5_one.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
-TEST=md2test.c md5test.c
+SRC=md2_dgst.c md5_one.c
+TEST=md2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/md5
+ALL=Makefile md5_dgst.c md5_one.c md5_locl.h md5.h
+APPS=md5.c
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=md5
+EXHEADER=md5.h
+GENERAL=Makefile
+HEADER=md5_locl.h md5.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md5_dgst.o md5_one.o 
+LIBSRC=md5_dgst.c md5_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+MD5_ASM_OBJ=
+SRC=md5_dgst.c md5_one.c
+TEST=md5test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/sha
@@ -94,11 +127,12 @@ HEADER=sha_locl.h sha.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o 
 LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
+SHA1_ASM_OBJ=
 SRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
 TEST=shatest.c sha1test.c
 TOP=../..
@@ -126,8 +160,56 @@ SRC=mdc2dgst.c mdc2_one.c
 TEST=mdc2test.c
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/hmac
+ALL=Makefile hmac.c hmac.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=hmac
+EXHEADER=hmac.h
+GENERAL=Makefile
+HEADER=hmac.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=hmac.o
+LIBSRC=hmac.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=hmac.c
+TEST=hmactest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/ripemd
+ALL=Makefile rmd_dgst.c rmd_one.c rmd_locl.h rmdconst.h ripemd.h
+APPS=rmd160.c
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=ripemd
+EXHEADER=ripemd.h
+GENERAL=Makefile
+HEADER=rmd_locl.h rmdconst.h ripemd.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rmd_dgst.o rmd_one.o 
+LIBSRC=rmd_dgst.c rmd_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+RIP_ASM_OBJ=
+SRC=rmd_dgst.c rmd_one.c
+TEST=rmdtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/des
-ALL=Makefile des.org des_locl.org cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+ALL=Makefile des.org des_locl.org cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
 APPS=
 AR=ar r
 CC=cc
@@ -142,17 +224,40 @@ HEADER=des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
-LIBSRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+LIBOBJ=set_key.o ecb_enc.o cbc_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+LIBSRC=cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+SRC=cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
 TEST=destest.c
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc2
+ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc2
+EXHEADER=rc2.h
+GENERAL=Makefile
+HEADER=rc2_locl.h rc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+TEST=rc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rc4
-ALL=Makefile rc4_enc.c rc4.h
+ALL=Makefile rc4_skey.c rc4_enc.c rc4.h rc4_locl.h
 APPS=
 AR=ar r
 CC=cc
@@ -161,40 +266,43 @@ CFLAGS= -g
 DIR=rc4
 EXHEADER=rc4.h
 GENERAL=Makefile
-HEADER=rc4.h
+HEADER=rc4.h rc4_locl.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=rc4_enc.o
-LIBSRC=rc4_enc.c
+LIBOBJ=rc4_skey.o rc4_enc.o
+LIBSRC=rc4_skey.c rc4_enc.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=rc4_enc.c
+RC4_ENC=rc4_enc.o
+SRC=rc4_skey.c rc4_enc.c
 TEST=rc4test.c
 TOP=../..
 RELATIVE_DIRECTORY=
-RELATIVE_DIRECTORY=crypto/rc2
-ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+RELATIVE_DIRECTORY=crypto/rc5
+ALL=Makefile rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c rc5_locl.h rc5.h
 APPS=
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS= -g
-DIR=rc2
-EXHEADER=rc2.h
+CPP=cc -E
+DIR=rc5
+EXHEADER=rc5.h
 GENERAL=Makefile
-HEADER=rc2_locl.h rc2.h
+HEADER=rc5_locl.h rc5.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc5_skey.o rc5_ecb.o rc5_enc.o rc5cfb64.o rc5ofb64.o
+LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-TEST=rc2test.c
+RC5_ENC=rc5_enc.o
+SRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
+TEST=rc5test.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/idea
@@ -221,7 +329,7 @@ TEST=ideatest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bf
-ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
+ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
 APPS=
 AR=ar r
 BF_ENC=bf_enc.o
@@ -236,17 +344,42 @@ HEADER=bf_pi.h bf_locl.h blowfish.h
 INCLUDES=
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cbc.o bf_cfb64.o bf_ofb64.o
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
 TEST=bftest.c
 TOP=../..
 RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/cast
+ALL=Makefile c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c cast_s.h cast_lcl.h cast.h
+APPS=
+AR=ar r
+CAST_ENC=c_enc.o
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=cast
+EXHEADER=cast.h
+GENERAL=Makefile
+HEADER=cast_s.h cast_lcl.h cast.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=c_skey.o c_ecb.o c_enc.o c_cfb64.o c_ofb64.o
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+TEST=casttest.c
+TOP=../..
+RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bn
-ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_lcl.h bn_prime.h bn.h
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c bn_lcl.h bn_prime.h bn.h
 APPS=
 AR=ar r
 BN_MULW=bn_mulw.o
@@ -262,17 +395,17 @@ HEADER=bn_lcl.h bn_prime.h bn.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o
-LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o bn_mpi.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
 TEST=bntest.c exptest.c
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/rsa
-ALL=Makefile rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa.h
+ALL=Makefile rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c rsa.h
 APPS=
 AR=ar r
 CC=cc
@@ -287,12 +420,12 @@ HEADER=rsa.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o
-LIBSRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+LIBOBJ=rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o rsa_pk1.o rsa_ssl.o rsa_none.o
+LIBSRC=rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+SRC=rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -372,7 +505,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bio
-ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
 APPS=
 AR=ar r
 CC=cc
@@ -381,9 +514,9 @@ CFLAGS=-I.. -I../../include -g
 DIR=bio
 ERR=bio
 ERRC=bio_err
-EXHEADER=bio.h
+EXHEADER=bio.h bss_file.c
 GENERAL=Makefile
-HEADER=bio.h
+HEADER=bio.h bss_file.c
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
@@ -472,7 +605,7 @@ AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS=-I.. -I../../include -g
-DIR=error
+DIR=err
 EXHEADER=err.h
 GENERAL=Makefile
 HEADER=err.h
@@ -514,7 +647,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/evp
-ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp.h
+ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c evp.h
 APPS=
 AR=ar r
 CC=cc
@@ -529,12 +662,12 @@ HEADER=evp.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o
-LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o e_ecb_c.o e_cbc_c.o e_cfb_c.o e_ofb_c.o e_ecb_r5.o e_cbc_r5.o e_cfb_r5.o e_ofb_r5.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o m_ripemd.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o evp_lib.o
+LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -565,7 +698,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/asn1
-ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c asn1.h asn1_mac.h
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
 APPS=
 AR=ar r
 CC=cc
@@ -580,12 +713,12 @@ HEADER=asn1.h asn1_mac.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o
-LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@@ -688,7 +821,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=ssl
-ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 APPS=
 AR=ar r
 CC=cc
@@ -697,18 +830,18 @@ CFLAGS=-I../crypto -I../include -g
 DIR=ssl
 ERR=ssl
 ERRC=ssl_err
-EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h
+EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h
 GENERAL=Makefile README
-HEADER=ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 INCLUDES=-I../crypto -I../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libssl.a
-LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
-LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
 TEST=ssltest.c
 TOP=..
 RELATIVE_DIRECTORY=
@@ -738,7 +871,7 @@ TEST=
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=apps
-ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
 A_OBJ=apps.o
 A_SRC=apps.c
 CC=cc
@@ -750,9 +883,9 @@ DLIBSSL=../libssl.a
 EXE=ssleay
 EXHEADER=
 EX_LIBS=
-E_EXE=verify asn1pars req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
-E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o gendsa.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
-E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
 GENERAL=Makefile
 HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h 
 INCLUDES=-I../include
@@ -766,16 +899,17 @@ PEX_LIBS=
 PROGS=ssleay.c
 RM=/bin/rm -f
 SCRIPTS=CA.sh der_chop
-SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
 SSLEAY=ssleay
 S_OBJ=s_cb.o s_socket.o
 S_SRC=s_cb.c s_socket.c
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=test
-ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c 
+ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c hmactest.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c 
 BFTEST=bftest
 BNTEST=bntest
+CASTTEST=casttest
 CC=cc
 CFLAG=-g
 CFLAGS=-I../include -g
@@ -785,12 +919,13 @@ DIR=test
 DLIBCRYPTO=../libcrypto.a
 DLIBSSL=../libssl.a
 DSATEST=dsatest
-EXE=bntest ideatest md2test md5test rc4test destest shatest sha1test mdc2test randtest dhtest rc2test bftest ssltest exptest dsatest
+EXE=bntest ideatest md2test md5test hmactest rc2test rc4test rc5test destest shatest sha1test mdc2test rmdtest randtest dhtest bftest casttest ssltest exptest dsatest
 EXHEADER=
 EXPTEST=exptest
-EX_LIBS=-lnsl -lsocket
+EX_LIBS=
 GENERAL=Makefile.ssl
 HEADER=
+HMACTEST=hmactest
 IDEATEST=ideatest
 INCLUDES=-I../include
 INSTALLTOP=/usr/local/ssl
@@ -803,14 +938,16 @@ MD2TEST=md2test
 MD5TEST=md5test
 MDC2TEST=mdc2test
 METHTEST=methtest
-OBJ=bntest.o ideatest.o md2test.o md5test.o rc4test.o destest.o shatest.o sha1test.o mdc2test.o randtest.o dhtest.o rc2test.o bftest.o ssltest.o dsatest.o exptest.o
+OBJ=bntest.o ideatest.o md2test.o md5test.o hmactest.o rc2test.o rc4test.o rc5test.o destest.o shatest.o sha1test.o mdc2test.o rmdtest.o randtest.o dhtest.o casttest.o bftest.o ssltest.o dsatest.o exptest.o
 PEX_LIBS=
 RANDTEST=randtest
 RC2TEST=rc2test
 RC4TEST=rc4test
+RC5TEST=rc5test
+RMDTEST=rmdtest
 SHA1TEST=sha1test
 SHATEST=shatest
-SRC=bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+SRC=bntest.c ideatest.c md2test.c md5test.c hmactest.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c
 SSLTEST=ssltest
 TOP=..
 RELATIVE_DIRECTORY=

diff --git a/Makefile.ssl b/Makefile.ssl
index 676ece0aa82123dbdf006f18b5aaee9c2cef485f..0f352027e61c4aacabd0830385411feaae44982c 100644 (file)
--- a/Makefile.ssl
+++ b/Makefile.ssl
@@ -1,6 +1,6 @@
 #
 # Makefile for all the SSL related library routines and utilities
-VERSION        = 0.8.1a
+VERSION = 0.9.0a
 #
 # make install will install:
 #   libraries into $INSTALLTOP/lib
@@ -21,9 +21,9 @@ VERSION       = 0.8.1a
 #
 # If you must get hold of people directly (we much prefer the above
 # lists to be used if the question is of general interest!):
-#      Eric Young <eay@cryptsoft.com>
-#      Tim Hudson <tjh@cryptsoft.com>
-#      or both    <ssleay@cryptsoft.com>
+#       Eric Young <eay@cryptsoft.com>
+#       Tim Hudson <tjh@cryptsoft.com>
+#       or both    <ssleay@cryptsoft.com>
 #
 # The primary distribution of SSLeay is from
 # ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
@@ -35,71 +35,124 @@ VERSION    = 0.8.1a
 # NO_RC4  - Define to build without the RC4 algorithm
 # NO_RC2  - Define to build without the RC2 algorithm
 # THREADS - Define when building with threads, you will probably also need any
-#          system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
 # TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
 # TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
 # LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
 # DEVRANDOM - Give this the value of the 'random device' if your OS supports
-#          one.  32 bytes will be read from this when the random
-#          number generator is initalised.
+#           one.  32 bytes will be read from this when the random
+#           number generator is initalised.
 # SSL_ALLOW_ADH - define if you want the server to be able to use the
-#          SSLv3 anon-DH ciphers.
+#           SSLv3 anon-DH ciphers.
 # SSL_ALLOW_ENULL - define if you want the server to be able to use the
-#          NULL encryption ciphers.
+#           NULL encryption ciphers.
 #
 # LOCK_DEBUG - turns on lots of lock debug output :-)
 # REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
 # CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
 # MFUNC - Make all Malloc/Free/Realloc calls call
-#      CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-#      call application defined callbacks via CRYPTO_set_mem_functions()
+#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+#       call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
 
 
 CC= cc
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
 CFLAG= -O -DNOPROTO
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
 PEX_LIBS= -L. -L.. -L../.. -L../../..
 EX_LIBS= 
-#EX_LIBS= #-lRSAglue -lrsaref -lnsl -lsocket
 AR=ar r
 
 # Set BN_MULW to bn_mulw.o if you want to use the C version
-#BN_MULW= asm/x86-lnx.o
 BN_MULW= bn_mulw.o
-#BN_MULW= asm/x86-lnx.o                # elf
-#BN_MULW= asm/x86-sol.o                # solaris
-#BN_MULW= asm/x86-lnxa.o       # a.out, FreeBSD
-#BN_MULW= asm/x86-bsdi.o       # bsdi
-#BN_MULW= asm/alpha.o          # DEC Alpha
-#BN_MULW= asm/pa-risc2.o       # HP-UX PA-RISC
-#BN_MULW= asm/r3000.o          # SGI MIPS cpu
-#BN_MULW= asm/sparc.o          # Sun solaris/SunOS
-#BN_MULW= asm/x86nt32.o                # Windows 95/NT
-#BN_MULW= asm/x86w16.o         # 16 bit code for Windows 3.1/DOS
-#BN_MULW= asm/x86w32.o         # 32 bit code for Windows 3.1
+#BN_MULW= bn_mulw.o
+#BN_MULW= asm/bn86-elf.o        # elf, linux-elf
+#BN_MULW= asm/bn86-sol.o        # solaris
+#BN_MULW= asm/bn86-out.o        # a.out, FreeBSD
+#BN_MULW= asm/bn86bsdi.o        # bsdi
+#BN_MULW= asm/alpha.o           # DEC Alpha
+#BN_MULW= asm/pa-risc2.o        # HP-UX PA-RISC
+#BN_MULW= asm/r3000.o           # SGI MIPS cpu
+#BN_MULW= asm/sparc.o           # Sun solaris/SunOS
+#BN_MULW= asm/bn-win32.o                # Windows 95/NT
+#BN_MULW= asm/x86w16.o          # 16 bit code for Windows 3.1/DOS
+#BN_MULW= asm/x86w32.o          # 32 bit code for Windows 3.1
 
 # Set DES_ENC to des_enc.o if you want to use the C version
 #There are 4 x86 assember options.
 DES_ENC= des_enc.o fcrypt_b.o
-#DES_ENC= des_enc.o fcrypt_b.o         # C
-#DES_ENC= asm/dx86-elf.o asm/cx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/cx86-sol.o        # solaris
-#DES_ENC= asm/dx86-out.o asm/cx86-out.o        # a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/cx86bsdi.o        # bsdi
+#DES_ENC= des_enc.o fcrypt_b.o          # C
+#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
+#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
+#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
+#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
 
 # Set BF_ENC to bf_enc.o if you want to use the C version
 #There are 4 x86 assember options.
 BF_ENC= bf_enc.o
-#BF_ENC= bf_enc.o      # C
+#BF_ENC= bf_enc.o
 #BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o        # solaris
-#BF_ENC= asm/bx86-out.o        # a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o        # bsdi
+#BF_ENC= asm/bx86-sol.o # solaris
+#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
+#BF_ENC= asm/bx86bsdi.o # bsdi
 
-DIRS=  crypto ssl rsaref apps test tools
+# Set CAST_ENC to c_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+CAST_ENC= c_enc.o
+#CAST_ENC= c_enc.o
+#CAST_ENC= asm/cx86-elf.o # elf
+#CAST_ENC= asm/cx86-sol.o # solaris
+#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
+#CAST_ENC= asm/cx86bsdi.o # bsdi
+
+# Set RC4_ENC to rc4_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+RC4_ENC= rc4_enc.o
+#RC4_ENC= rc4_enc.o
+#RC4_ENC= asm/rx86-elf.o # elf
+#RC4_ENC= asm/rx86-sol.o # solaris
+#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
+#RC4_ENC= asm/rx86bsdi.o # bsdi
+
+# Set RC5_ENC to rc5_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+RC5_ENC= rc5_enc.o
+#RC5_ENC= rc5_enc.o
+#RC5_ENC= asm/r586-elf.o # elf
+#RC5_ENC= asm/r586-sol.o # solaris
+#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
+#RC5_ENC= asm/r586bsdi.o # bsdi
+
+# Also need MD5_ASM defined
+MD5_ASM_OBJ= 
+#MD5_ASM_OBJ= asm/mx86-elf.o        # elf
+#MD5_ASM_OBJ= asm/mx86-sol.o        # solaris
+#MD5_ASM_OBJ= asm/mx86-out.o        # a.out, FreeBSD
+#MD5_ASM_OBJ= asm/mx86bsdi.o        # bsdi
+
+# Also need SHA1_ASM defined
+SHA1_ASM_OBJ= 
+#SHA1_ASM_OBJ= asm/sx86-elf.o       # elf
+#SHA1_ASM_OBJ= asm/sx86-sol.o       # solaris
+#SHA1_ASM_OBJ= asm/sx86-out.o       # a.out, FreeBSD
+#SHA1_ASM_OBJ= asm/sx86bsdi.o       # bsdi
+
+# Also need RMD160_ASM defined
+RMD160_ASM_OBJ= 
+#RMD160_ASM_OBJ= asm/rm86-elf.o       # elf
+#RMD160_ASM_OBJ= asm/rm86-sol.o       # solaris
+#RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
+#RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
+
+DIRS=   crypto ssl rsaref apps test tools
 # dirs in crypto to build
 SDIRS=  \
-       md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh \
+       md2 md5 sha mdc2 hmac ripemd \
+       des rc2 rc4 rc5 idea bf cast \
+       bn rsa dsa dh \
        buffer bio stack lhash rand err objects \
        evp pem asn1 x509 conf txt_db pkcs7
 
@@ -108,46 +161,46 @@ SDIRS=  \
 INSTALLTOP=/usr/local/ssl
 
 MAKEFILE= Makefile.ssl
-MAKE=    make -f Makefile.ssl
+MAKE=     make -f Makefile.ssl
 
 MAN1=1
 MAN3=3
 SHELL=/bin/sh
 
-TOP=   .
+TOP=    .
 ONEDIRS=out tmp
-EDIRS= times doc bugs util include certs ms shlib mt demos
-MISC=  COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
-       README TODO HISTORY README.066 README.080 \
+EDIRS=  times doc bugs util include certs ms shlib mt demos perl dep
+MISC=   COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+       README TODO HISTORY README.066 README.080 README.090 \
        VERSION PROBLEMS MINFO makefile.one e_os.h \
-       MICROSOFT makevms.com
-WDIRS= windows
-LIBS=  libcrypto.a libssl.a 
-
-GENERAL=       Makefile
-BASENAME=      SSLeay
-NAME=          $(BASENAME)-$(VERSION)
-TARFILE=       $(NAME).tar
-WTARFILE=      $(NAME)-win.tar
-EX_HEADER=
-HEADER=                e_os.h
+       MICROSOFT makevms.com config PATENTS
+WDIRS=  windows
+LIBS=   libcrypto.a libssl.a 
+
+GENERAL=        Makefile
+BASENAME=       SSLeay
+NAME=           $(BASENAME)-$(VERSION)
+TARFILE=        $(NAME).tar
+WTARFILE=       $(NAME)-win.tar
+EXHEADER=       e_os.h
+HEADER=         e_os.h
 
 all:
        @for i in $(DIRS) ;\
        do \
        (cd $$i; echo "making $$i..."; \
-       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
        done;
 
 sub_all:
        @for i in $(DIRS) ;\
        do \
        (cd $$i; echo "making $$i..."; \
-       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
        done;
 
 clean:
-       /bin/rm -f *.o core a.out fluff *.map
+       /bin/rm -f shlib/*.o *.o core a.out fluff *.map
        @for i in $(DIRS) ;\
        do \
        (cd $$i; echo "cleaning $$i..."; \
@@ -158,14 +211,14 @@ clean:
        /bin/rm -f $(TARFILE)
        @for i in $(ONEDIRS) ;\
        do \
-       /bin/rm -f $$i/*; \
+       /bin/rm -fr $$i/*; \
        done
 
 makefile.one: files
        perl util/mk1mf.pl >makefile.one; \
        sh util/do_ms.sh
 
-files: MINFO
+files:  MINFO
        perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
        @for i in $(DIRS) ;\
        do \
@@ -176,13 +229,14 @@ files:    MINFO
 links:
        /bin/rm -f Makefile;
        ./util/point.sh Makefile.ssl Makefile;
+       $(TOP)/util/mklink.sh include $(EXHEADER) ;
        @for i in $(DIRS) ;\
        do \
        (cd $$i; echo "making links in $$i..."; \
        $(MAKE) SDIRS='${SDIRS}' links ); \
        done;
        # @(cd apps; sh ./mklinks)
-       sh tools/c_rehash certs
+       @( SSLEAY="`pwd`/apps/ssleay"; export SSLEAY; sh tools/c_rehash certs )
 
 dclean:
        /bin/rm -f *.bak
@@ -195,11 +249,11 @@ dclean:
 rehash:
        @(PATH="`pwd`/apps:${PATH}"; sh tools/c_rehash certs)
 
-test:  tests
+test:   tests
 
 tests:
        (cd test; echo "testing $$i..."; \
-       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' tests );
+       $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
        @apps/ssleay version -a
 
 depend:
@@ -242,8 +296,9 @@ tar:
        mv $(NAME) $(BASENAME) ) 
        gzip -f $(TARFILE)
 
-dist:  
+dist:   
        perl Configure dist
+       perl util/up_ver.pl ${VERSION}
        @$(MAKE) dist_pem_h
        @$(MAKE) SDIRS='${SDIRS}' clean
        @$(MAKE) SDIRS='${SDIRS}' dclean
@@ -267,7 +322,7 @@ install: all
        done
        @for i in $(LIBS) ;\
        do \
-       (       echo installing $$i; \
+       (       echo installing $$i; \
                cp $$i $(INSTALLTOP)/lib; \
                sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
                chmod 644 $(INSTALLTOP)/lib/$$i ); \

diff --git a/PATENTS b/PATENTS
new file mode 100644 (file)
index 0000000..61423d0
--- /dev/null
+++ b/PATENTS
@@ -0,0 +1,9 @@
+RSA Data Security holds software patents on the RSA and RC5 algorithms.
+If there ciphers are used used inside the USA (and Japan?), you must contact
+RSA Data Security for licencing conditions.
+
+The IDEA algorithm is patented by XXXX and they should be contacted if that
+algorithm is to be used.
+
+RC4 is a trademark of RSA Data Security, so use of this label should perhaps
+only me used with RSA Data Security's permission.

diff --git a/README b/README
index 543a1336f53744837fc00a97fbfdad41ab6e7a4f..eaa77007f0b259b7bb1c596390d802adf3ace1ea 100644 (file)
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-               SSLeay 0.8.1b 29-Jun-1998
+               SSLeay 0.9.0b 29-Jun-1998
                Copyright (c) 1997, Eric Young
                All rights reserved.
 

diff --git a/README.090 b/README.090
new file mode 100644 (file)
index 0000000..634870d
--- /dev/null
+++ b/README.090
@@ -0,0 +1,71 @@
+10-Apr-1998
+I said the next version would go out at easter, and so it shall.
+I expect a 0.9.1 will follow with portability fixes in the next few weeks.
+
+This is a quick, meet the deadline.  Look to ssl-users for comments on what
+is new etc.
+
+The state of play
+- TLSv1 - I need to do some explaining about how the methods interact.
+  The bad news is that SSLeay 0.8.x application will not roll back to
+  SSLv3, I suffed up.  0.8.x is rather pedantic about the '3.0' version
+  number.  Look at the 'no-tls' options in applications in the apps directory.
+- The perl5 stuff is very rough.  The SSL part does not work due to
+  reference count hassles in the BIO stuff.  I just have not had time to
+  look at it.  The cipher, digest and bignum stuff works though.  I just
+  need to clean up the API.
+- Lots of x86 assember.  I now have it for des, 3des, rc4, rc5, blowfish,
+  cast, md5, sha1 and ripemd160.  It has been tested on win32, linux (elf)
+  and FreeBSD (a.out).
+- As mentioned above, cast, rc5 and ripemd160 have been added.
+- A simple HMAC set of functions.
+- EX_DATA strucutre, which can be used by applications or other libraries
+  to tack arbitarty data against strucutures that include it.
+  You will probably have to see examples to see how to use it, and I will
+  elaberate on the ssl-users mailing list
+- RSA blinding.  If you fear timing attacks on RSA, you can turn on
+  blinding which defeats it.
+- From Tim Hudson, try running 'sh config' instead of 'perl Configure'.
+  I makes an educated guess as to what you are and then runs 'perl Configure'
+- The error stuff has been modified so arbitary strings can be taged
+  against an error message.  It is used in a few places to elaberate on
+  parameters that caused the error.
+
+Areas of work
+- The 16bit big-num assember needs a routine added.  The WIN16 and
+  WIN32 stuff is ok, but MS-DOS or 286 builds need the update.
+- Most of the bignum assember will not work.  There will be a function
+  missing, bn_add_words().  I need people to send me the C compiler output
+  for platforms I don't already have.  Currently, the assember is correct for
+  x86, win32, win16(386+), linux elf, FreeBSD a.out and sparc.
+- PKCS7, I have delusions of s/MIME.  I need to do a BIO interface.
+- perl5, it needs finishing
+- X509v3 extension.  I have some ideas, I just need to
+  implement them :-)
+- Public key methods.  I need to clean up the library internally so
+  public key methods are loaded is a similar way to symetric ciphers
+  and digests.  I also need to seperate out the digests from public
+  key methods.  This stuff is needed to support sortware patents, smaller
+  code size and hardware tokens.
+
+Anyway, this release gets out the bug fixes and TLS, but be warned, until
+all those old SSLeay 0.8.x based server get upgraded, you will need to
+connect with SSLv3 if TLSv1 fails.
+
+eric (about to go bushwalking for the 4 day easter break :-)
+
+PS Common problems
+- For Win32 build, use /MD to specify your libraries, or build SSLeay with
+  the same flags as your application.  Visual C stuffs up the malloc routines
+  if memory allocated by one memory model is freed by another.  FILE pointers
+  are a major cause of these problem.
+- If you are trying to use non-blocking IO and it is not working,
+  try 'ssleay s_client -help' and see if the -nbio option is listed.
+  For unixware, it has the non-block IO define in 'differnt' header file
+  and SSLeay will silently build without non-blocking IO calls (but for
+  unixware, the special header has been included).
+- -DL_ENDIAN.  For the message digests, some code needs to be turned off
+  in the C code when assember is used.  For x86, this means the L_ENDIAN
+  needs to defined when x86 -DSHA1_ASM is defined.  The reasons this is
+  not automagically done is because non-x86 assember could be bigendian.
+  For pure C code builds, the B_ENDIAN/L_ENDIAN flags are optional.

diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
index 4fac51faa304e349d5a30fc0bdc86baf32b89d5d..1cace40ab7008851b54d2dbd3a629cf14b2a9c27 100644 (file)
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -31,7 +31,7 @@ SCRIPTS=CA.sh der_chop
 
 EXE= $(SSLEAY)
 
-E_EXE= verify asn1pars req dgst dh enc gendh gendsa errstr ca crl \
+E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \
        rsa dsa dsaparam \
        x509 genrsa s_server s_client speed \
        s_time version pkcs7 crl2pkcs7 sess_id ciphers
@@ -44,7 +44,7 @@ S_OBJ=        s_cb.o s_socket.o
 S_SRC= s_cb.c s_socket.c
 
 E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
-       gendsa.o pkcs7.o crl2p7.o crl.o \
+       pkcs7.o crl2p7.o crl.o \
        rsa.o dsa.o dsaparam.o \
        x509.o genrsa.o s_server.o s_client.o speed.o \
        s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
@@ -53,7 +53,7 @@ E_OBJ=        verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
 #      pem_mail.o
 
 E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
-       gendsa.c pkcs7.c crl2p7.c crl.c \
+       pkcs7.c crl2p7.c crl.c \
        rsa.c dsa.c dsaparam.c \
        x509.c genrsa.c s_server.c s_client.c speed.c \
        s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \

diff --git a/apps/apps.c b/apps/apps.c
index 7c9510e3b54f03a99e707a830a5929dab2ac1703..5f0c8fa5390b5ba8f81a366db91bcab88dea1c06 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1,5 +1,5 @@
 /* apps/apps.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -65,13 +65,8 @@
 #include "apps.h"
 #undef NON_MAIN
 
-#ifdef WIN16
-#define APPS_WIN16
-#ifdef FLAT_BUILD
-#include "bss_file.c"
-#else
-#include "../crypto/bio/bss_file.c"
-#endif
+#ifdef WINDOWS
+#  include "bss_file.c"
 #endif
 
 #ifndef NOPROTO

diff --git a/apps/apps.h b/apps/apps.h
index 528828cf63f4fd24e57fbd4e7344f7ff530f259f..25a9262e037850aa353e4152592804993a47c39c 100644 (file)
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -1,5 +1,5 @@
 /* apps/apps.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,18 +59,14 @@
 #ifndef HEADER_APPS_H
 #define HEADER_APPS_H
 
-#ifdef FLAT_INC
 #include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
 
 #include "buffer.h"
 #include "bio.h"
 #include "crypto.h"
 #include "progs.h"
 
-#ifdef WIN16
+#ifdef NO_STDIO
 BIO_METHOD *BIO_s_file();
 #endif
 

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 111e28270932004e32ece8a5dffa42076f8ff5eb..3d382282e41c497a0fbedc06b9cbe96e941a5b5a 100644 (file)
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -1,5 +1,5 @@
 /* apps/asn1pars.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -75,6 +75,7 @@
  * -i          - indent the details by depth
  * -offset     - where in the file to start
  * -length     - how many bytes to use
+ * -oid file   - extra oid decription file
  */
 
 #undef PROG
@@ -89,17 +90,16 @@ char **argv;
        long num;
        BIO *in=NULL,*out=NULL,*b64=NULL;
        int informat,indent=0;
-       char *infile,*str=NULL,*prog;
+       char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
        BUF_MEM *buf=NULL;
 
-       infile=NULL;
        informat=FORMAT_PEM;
 
        apps_startup();
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        prog=argv[0];
        argc--;
@@ -120,6 +120,11 @@ char **argv;
                        {
                        indent=1;
                        }
+               else if (strcmp(*argv,"-oid") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       oidfile= *(++argv);
+                       }
                else if (strcmp(*argv,"-offset") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -151,6 +156,7 @@ bad:
                BIO_printf(bio_err," -offset arg   offset into file\n");
                BIO_printf(bio_err," -length arg   lenth of section in file\n");
                BIO_printf(bio_err," -i            indent entries\n");
+               BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
                goto end;
                }
 
@@ -163,7 +169,19 @@ bad:
                ERR_print_errors(bio_err);
                goto end;
                }
-       BIO_set_fp(out,stdout,BIO_NOCLOSE);
+       BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
+
+       if (oidfile != NULL)
+               {
+               if (BIO_read_filename(in,oidfile) <= 0)
+                       {
+                       BIO_printf(bio_err,"problems opening %s\n",oidfile);
+                       ERR_print_errors(bio_err);
+                       goto end;
+                       }
+               OBJ_create_objects(in);
+               }
+
        if (infile == NULL)
                BIO_set_fp(in,stdin,BIO_NOCLOSE);
        else
@@ -214,6 +232,7 @@ end:
        if (ret != 0)
                ERR_print_errors(bio_err);
        if (buf != NULL) BUF_MEM_free(buf);
+       OBJ_cleanup();
        EXIT(ret);
        }
 

diff --git a/apps/ca.c b/apps/ca.c
index 3e10d6c275d6d6de23efd50dc730fca4fb84e575..a5848366cfe6649987b8c7099b0c39ab29ffb2ac 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1,5 +1,5 @@
 /* apps/ca.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -97,6 +97,7 @@
 #define ENV_PRIVATE_KEY                "private_key"
 #define ENV_RANDFILE           "RANDFILE"
 #define ENV_DEFAULT_DAYS       "default_days"
+#define ENV_DEFAULT_STARTDATE  "default_startdate"
 #define ENV_DEFAULT_CRL_DAYS   "default_crl_days"
 #define ENV_DEFAULT_CRL_HOURS  "default_crl_hours"
 #define ENV_DEFAULT_MD         "default_md"
@@ -139,6 +140,7 @@ static char *ca_usage[]={
 " -outdir dir     - Where to put output certificates\n",
 " -infiles ....   - The last argument, requests to process\n",
 " -spkac file     - File contains DN and signed public key and challenge\n",
+" -ss_cert file   - File contains a self signed cert to sign\n",
 " -preserveDN     - Don't re-order the DN\n",
 " -batch         - Don't ask questions\n",
 " -msie_hack     - msie modifications to handle all thos universal strings\n",
@@ -163,16 +165,19 @@ static int index_name_cmp(char **a,char **b);
 static BIGNUM *load_serial(char *serialfile);
 static int save_serial(char *serialfile, BIGNUM *serial);
 static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-       EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
-       int batch, STACK *extensions,int verbose);
+       EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+       int days, int batch, STACK *extensions,int verbose);
+static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+       EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+       int days,int batch,STACK *extensions,int verbose);
 static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
-       EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
-       STACK *extensions,int verbose);
+       EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+       int days,STACK *extensions,int verbose);
 static int fix_data(int nid, int *type);
 static void write_new_certificate(BIO *bp, X509 *x, int output_der);
 static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, EVP_MD *dgst,
-       STACK *policy, TXT_DB *db, BIGNUM *serial, int days, int batch,
-       int verbose, X509_REQ *req, STACK *extensions);
+       STACK *policy, TXT_DB *db, BIGNUM *serial, char *startdate,
+       int days, int batch, int verbose, X509_REQ *req, STACK *extensions);
 static int check_time_format(char *str);
 #else
 static STACK *load_extensions();
@@ -187,6 +192,7 @@ static int fix_data();
 static BIGNUM *load_serial();
 static int save_serial();
 static int certify();
+static int certify_cert();
 static int certify_spkac();
 static void write_new_certificate();
 static int do_body();
@@ -221,6 +227,7 @@ char **argv;
        char *certfile=NULL;
        char *infile=NULL;
        char *spkac_file=NULL;
+       char *ss_cert_file=NULL;
        EVP_PKEY *pkey=NULL;
        int output_der = 0;
        char *outfile=NULL;
@@ -228,6 +235,7 @@ char **argv;
        char *serialfile=NULL;
        char *extensions=NULL;
        BIGNUM *serial=NULL;
+       char *startdate=NULL;
        int days=0;
        int batch=0;
        X509 *x509=NULL;
@@ -263,7 +271,7 @@ EF_ALIGNMENT=0;
        preserve=0;
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        argc--;
        argv++;
@@ -281,6 +289,11 @@ EF_ALIGNMENT=0;
                        if (--argc < 1) goto bad;
                        section= *(++argv);
                        }
+               else if (strcmp(*argv,"-startdate") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       startdate= *(++argv);
+                       }
                else if (strcmp(*argv,"-days") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -352,6 +365,12 @@ EF_ALIGNMENT=0;
                        req=1;
                        break;
                        }
+               else if (strcmp(*argv, "-ss_cert") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       ss_cert_file = *(++argv);
+                       req=1;
+                       }
                else if (strcmp(*argv, "-spkac") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -570,7 +589,7 @@ bad:
                }
        if (verbose)
                {
-               BIO_set_fp(out,stdout,BIO_NOCLOSE); /* cannot fail */
+               BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
                TXT_DB_write(out,db);
                BIO_printf(bio_err,"%d entries loaded from the database\n",
                        db->data->num);
@@ -605,7 +624,7 @@ bad:
                                }
                        }
                else
-                       BIO_set_fp(Sout,stdout,BIO_NOCLOSE);
+                       BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
                }
 
        if (req)
@@ -647,6 +666,22 @@ bad:
                                goto err;
                        }
 
+               if (startdate == NULL)
+                       {
+                       startdate=(char *)CONF_get_string(conf,section,
+                               ENV_DEFAULT_STARTDATE);
+                       if (startdate == NULL)
+                               startdate="today";
+                       else
+                               {
+                               if (!ASN1_UTCTIME_set_string(NULL,startdate))
+                                       {
+                                       BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSS\n");
+                                       goto err;
+                                       }
+                               }
+                       }
+
                if (days == 0)
                        {
                        days=(int)CONF_get_number(conf,section,
@@ -685,7 +720,7 @@ bad:
                        {
                        total++;
                        j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
-                               serial,days,extensions_sk,verbose);
+                               serial,startdate,days,extensions_sk,verbose);
                        if (j < 0) goto err;
                        if (j > 0)
                                {
@@ -704,11 +739,31 @@ bad:
                                        }
                                }
                        }
+               if (ss_cert_file != NULL)
+                       {
+                       total++;
+                       j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
+                               db,serial,startdate,days,batch,
+                               extensions_sk,verbose);
+                       if (j < 0) goto err;
+                       if (j > 0)
+                               {
+                               total_done++;
+                               BIO_printf(bio_err,"\n");
+                               if (!BN_add_word(serial,1)) goto err;
+                               if (!sk_push(cert_sk,(char *)x))
+                                       {
+                                       BIO_printf(bio_err,"Malloc failure\n");
+                                       goto err;
+                                       }
+                               }
+                       }
                if (infile != NULL)
                        {
                        total++;
                        j=certify(&x,infile,pkey,x509,dgst,attribs,db,
-                               serial,days,batch,extensions_sk,verbose);
+                               serial,startdate,days,batch,
+                               extensions_sk,verbose);
                        if (j < 0) goto err;
                        if (j > 0)
                                {
@@ -726,7 +781,8 @@ bad:
                        {
                        total++;
                        j=certify(&x,argv[i],pkey,x509,dgst,attribs,db,
-                               serial,days,batch,extensions_sk,verbose);
+                               serial,startdate,days,batch,
+                               extensions_sk,verbose);
                        if (j < 0) goto err;
                        if (j > 0)
                                {
@@ -798,7 +854,7 @@ bad:
                                {
                                for (k=0; k<j; k++)
                                        {
-                                       sprintf((char *)n,"%02X",*(p++));
+                                       sprintf((char *)n,"%02X",(unsigned char)*(p++));
                                        n+=2;
                                        }
                                }
@@ -893,6 +949,8 @@ bad:
                if (ci->issuer == NULL) goto err;
 
                X509_gmtime_adj(ci->lastUpdate,0);
+               if (ci->nextUpdate == NULL)
+                       ci->nextUpdate=ASN1_UTCTIME_new();
                X509_gmtime_adj(ci->nextUpdate,(crldays*24+crlhours)*60*60);
 
                for (i=0; i<sk_num(db->data); i++)
@@ -1092,7 +1150,7 @@ err:
        return(ret);
        }
 
-static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,days,
+static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,days,
        batch,extensions,verbose)
 X509 **xret;
 char *infile;
@@ -1102,6 +1160,7 @@ EVP_MD *dgst;
 STACK *policy;
 TXT_DB *db;
 BIGNUM *serial;
+char *startdate;
 int days;
 int batch;
 STACK *extensions;
@@ -1130,15 +1189,6 @@ int verbose;
 
        BIO_printf(bio_err,"Check that the request matches the signature\n");
 
-       if (    (req->req_info == NULL) ||
-               (req->req_info->pubkey == NULL) ||
-               (req->req_info->pubkey->public_key == NULL) ||
-               (req->req_info->pubkey->public_key->data == NULL))
-               {
-               BIO_printf(bio_err,"The certificate request appears to corrupted\n");
-               BIO_printf(bio_err,"It does not contain a public key\n");
-               goto err;
-               }
        if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
                {
                BIO_printf(bio_err,"error unpacking public key\n");
@@ -1160,8 +1210,8 @@ int verbose;
        else
                BIO_printf(bio_err,"Signature ok\n");
 
-       ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
-               extensions);
+       ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+               days,batch,verbose,req,extensions);
 
 err:
        if (req != NULL) X509_REQ_free(req);
@@ -1169,15 +1219,89 @@ err:
        return(ok);
        }
 
-static int do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
-       extensions)
+static int certify_cert(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,
+       days, batch,extensions,verbose)
 X509 **xret;
+char *infile;
 EVP_PKEY *pkey;
 X509 *x509;
 EVP_MD *dgst;
 STACK *policy;
 TXT_DB *db;
 BIGNUM *serial;
+char *startdate;
+int days;
+int batch;
+STACK *extensions;
+int verbose;
+       {
+       X509 *req=NULL;
+       X509_REQ *rreq=NULL;
+       BIO *in=NULL;
+       EVP_PKEY *pktmp=NULL;
+       int ok= -1,i;
+
+       in=BIO_new(BIO_s_file());
+
+       if (BIO_read_filename(in,infile) <= 0)
+               {
+               perror(infile);
+               goto err;
+               }
+       if ((req=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
+               {
+               BIO_printf(bio_err,"Error reading self signed certificate in %s\n",infile);
+               goto err;
+               }
+       if (verbose)
+               X509_print(bio_err,req);
+
+       BIO_printf(bio_err,"Check that the request matches the signature\n");
+
+       if ((pktmp=X509_get_pubkey(req)) == NULL)
+               {
+               BIO_printf(bio_err,"error unpacking public key\n");
+               goto err;
+               }
+       i=X509_verify(req,pktmp);
+       if (i < 0)
+               {
+               ok=0;
+               BIO_printf(bio_err,"Signature verification problems....\n");
+               goto err;
+               }
+       if (i == 0)
+               {
+               ok=0;
+               BIO_printf(bio_err,"Signature did not match the certificate request\n");
+               goto err;
+               }
+       else
+               BIO_printf(bio_err,"Signature ok\n");
+
+       if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
+               goto err;
+
+       ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+               batch,verbose,rreq,extensions);
+
+err:
+       if (rreq != NULL) X509_REQ_free(rreq);
+       if (req != NULL) X509_free(req);
+       if (in != NULL) BIO_free(in);
+       return(ok);
+       }
+
+static int do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+       batch,verbose,req, extensions)
+X509 **xret;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
 int days;
 int batch;
 int verbose;
@@ -1185,7 +1309,7 @@ X509_REQ *req;
 STACK *extensions;
        {
        X509_NAME *name=NULL,*CAname=NULL,*subject=NULL;
-       ASN1_UTCTIME *tm;
+       ASN1_UTCTIME *tm,*tmptm;
        ASN1_STRING *str,*str2;
        ASN1_OBJECT *obj;
        X509 *ret=NULL;
@@ -1200,6 +1324,13 @@ STACK *extensions;
        char *row[DB_NUMBER],**rrow,**irow=NULL;
        char buf[25],*pbuf;
 
+       tmptm=ASN1_UTCTIME_new();
+       if (tmptm == NULL)
+               {
+               BIO_printf(bio_err,"malloc error\n");
+               return(0);
+               }
+
        for (i=0; i<DB_NUMBER; i++)
                row[i]=NULL;
 
@@ -1471,8 +1602,16 @@ again2:
                goto err;
 
        BIO_printf(bio_err,"Certificate is to be certified until ");
-       X509_gmtime_adj(X509_get_notBefore(ret),0);
-       X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+       if (strcmp(startdate,"today") == 0)
+               {
+               X509_gmtime_adj(X509_get_notBefore(ret),0);
+               X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+               }
+       else
+               {
+               /*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX*/
+               ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);
+               }
        ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
        BIO_printf(bio_err," (%d days)\n",days);
 
@@ -1623,8 +1762,8 @@ int output_der;
        BIO_puts(bp,"\n");
        }
 
-static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,days,
-       extensions,verbose)
+static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,
+       startdate,days,extensions,verbose)
 X509 **xret;
 char *infile;
 EVP_PKEY *pkey;
@@ -1633,6 +1772,7 @@ EVP_MD *dgst;
 STACK *policy;
 TXT_DB *db;
 BIGNUM *serial;
+char *startdate;
 int days;
 STACK *extensions;
 int verbose;
@@ -1778,8 +1918,8 @@ int verbose;
        BIO_printf(bio_err,"Signature ok\n");
 
        X509_REQ_set_pubkey(req,pktmp);
-       ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,1,verbose,req,
-               extensions);
+       ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+               days,1,verbose,req,extensions);
 err:
        if (req != NULL) X509_REQ_free(req);
        if (parms != NULL) CONF_free(parms);

diff --git a/apps/cert.pem b/apps/cert.pem
new file mode 100644 (file)
index 0000000..de4a77a
--- /dev/null
+++ b/apps/cert.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
+VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
+Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
+YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
+DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
+tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
+sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
+19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
+-----END CERTIFICATE-----

diff --git a/apps/ciphers.c b/apps/ciphers.c
index 16ff2b49275dbbe25a9139918b5212170d75faf8..867196e393cd3b6fb7ceab0e77047f91202858b8 100644 (file)
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -1,5 +1,5 @@
 /* apps/ciphers.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"

diff --git a/apps/crl.c b/apps/crl.c
index 9642ee52684b9eb4eef0dfd11bc9607f5551ce60..2c18374ee0ea7b75a93a2e5d0044db950db1a621 100644 (file)
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -1,5 +1,5 @@
 /* apps/crl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -109,7 +109,6 @@ char **argv;
        BIO *out=NULL;
        int informat,outformat;
        char *infile=NULL,*outfile=NULL;
-       char *str=NULL;
        int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0;
        char **pp,buf[256];
 
@@ -117,7 +116,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        if (bio_out == NULL)
                if ((bio_out=BIO_new(BIO_s_file())) != NULL)
@@ -209,7 +208,7 @@ bad:
                        if (issuer == i)
                                {
                                X509_NAME_oneline(x->crl->issuer,buf,256);
-                               fprintf(stdout,"issuer= %s\n",str);
+                               fprintf(stdout,"issuer= %s\n",buf);
                                }
 
                        if (hash == i)
@@ -226,7 +225,10 @@ bad:
                        if (nextupdate == i)
                                {
                                fprintf(stdout,"nextUpdate=");
-                               ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+                               if (x->crl->nextUpdate != NULL)
+                                       ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+                               else
+                                       fprintf(stdout,"NONE");
                                fprintf(stdout,"\n");
                                }
                        }
@@ -259,8 +261,10 @@ bad:
        else if (outformat == FORMAT_TEXT)
                {
                X509_REVOKED *r;
+               STACK *sk;
 
-               while ((r=(X509_REVOKED *)sk_pop(x->crl->revoked)) != NULL)
+               sk=sk_dup(x->crl->revoked);
+               while ((r=(X509_REVOKED *)sk_pop(sk)) != NULL)
                        {
                        fprintf(stdout,"revoked: serialNumber=");
                        i2a_ASN1_INTEGER(out,r->serialNumber);
@@ -268,6 +272,7 @@ bad:
                        ASN1_UTCTIME_print(bio_out,r->revocationDate);
                        fprintf(stdout,"\n");
                        }
+               sk_free(sk);
                i=1;
                }
        else    

diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index 04bb1a1c87df2c5fdfe076cf22cd47062bd2d021..82a7829558667c5d1f6cfdc87ed1b44c70acf3b3 100644 (file)
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -1,5 +1,5 @@
 /* apps/crl2p7.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -106,7 +106,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;

diff --git a/apps/dgst.c b/apps/dgst.c
index 6d7a1787f4a12aec1e6f7b4f01397aa23d64bf4a..eea291db1274f907c27b61ab2c02d5e5eded113f 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -1,5 +1,5 @@
 /* apps/dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -103,7 +103,7 @@ char **argv;
                }
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        /* first check the program name */
         program_name(argv[0],pname,PROG_NAME_SIZE);
@@ -135,16 +135,16 @@ char **argv;
                BIO_printf(bio_err,"unknown option '%s'\n",*argv);
                BIO_printf(bio_err,"options are\n");
                BIO_printf(bio_err,"-c   to output the digest with separating colons\n");
-               BIO_printf(bio_err,"-c   to output debug info\n");
-               BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm (default)\n",
+               BIO_printf(bio_err,"-d   to output debug info\n");
+               BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
                        LN_md5,LN_md5);
-               BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+               BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
                        LN_md2,LN_md2);
-               BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+               BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
                        LN_sha1,LN_sha1);
-               BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+               BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
                        LN_sha,LN_sha);
-               BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+               BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
                        LN_mdc2,LN_mdc2);
                err=1;
                goto end;

diff --git a/apps/dh.c b/apps/dh.c
index 8a3bcfb88699ef7bb17a6cb9ddae07396b293faf..bbf445e84568330278402d4bebb900899141f2b9 100644 (file)
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -1,5 +1,5 @@
 /* apps/dh.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -95,7 +95,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;

diff --git a/apps/dsa.c b/apps/dsa.c
index 585116a677ebf5974f7cc12fd810736ee7c6a1a6..fbd85a467adbb6edc1ba377eeb9d36a3aa28eaba 100644 (file)
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -1,5 +1,5 @@
 /* apps/dsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,7 +99,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;

diff --git a/apps/dsap.pem b/apps/dsap.pem
new file mode 100644 (file)
index 0000000..d4dfdb3
--- /dev/null
+++ b/apps/dsap.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
+GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
+t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
+ADiRffvSdhrNw5dkqdql
+-----END DSA PARAMETERS-----

diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index e9485c003623ccadad9992013cac025f2d370fdf..6e99289bd343f9d34defa6ca4c37b050bb5e60e0 100644 (file)
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -1,5 +1,5 @@
 /* apps/dsaparam.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -83,7 +83,7 @@
  */
 
 #ifndef NOPROTO
-static void MS_CALLBACK dsa_cb(int p, int n);
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
 #else
 static void MS_CALLBACK dsa_cb();
 #endif
@@ -104,7 +104,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;
@@ -217,7 +217,8 @@ bad:
 
                BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
                BIO_printf(bio_err,"This could take some time\n");
-               dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,dsa_cb);
+               dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,
+                       dsa_cb,(char *)bio_err);
                }
        else if (informat == FORMAT_ASN1)
                dsa=d2i_DSAparams_bio(in,NULL);
@@ -322,9 +323,10 @@ end:
        EXIT(ret);
        }
 
-static void MS_CALLBACK dsa_cb(p, n)
+static void MS_CALLBACK dsa_cb(p, n, arg)
 int p;
 int n;
+char *arg;
        {
        char c='*';
 
@@ -332,8 +334,8 @@ int n;
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
-       BIO_write(bio_err,&c,1);
-       BIO_flush(bio_err);
+       BIO_write((BIO *)arg,&c,1);
+       BIO_flush((BIO *)arg);
 #ifdef LINT
        p=n;
 #endif

diff --git a/apps/eay.c b/apps/eay.c
index c7a59ca242a84f59e91c34a124be40fda438607e..37d5dcbd30875dcd548661e75f0374a50fad6957 100644 (file)
--- a/apps/eay.c
+++ b/apps/eay.c
@@ -1,5 +1,5 @@
 /* apps/eay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written

diff --git a/apps/enc.c b/apps/enc.c
index d7c990911f083dcdf2812a49ff44492807031ca2..c00d520b44d9e6f6a4ff5e35f36e90bf219d9d07 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -1,5 +1,5 @@
 /* apps/enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -96,7 +96,7 @@ char **argv;
        char *str=NULL;
        char *hkey=NULL,*hiv=NULL;
        int enc=1,printkey=0,i,base64=0;
-       int debug=0;
+       int debug=0,olb64=0;
        EVP_CIPHER *cipher=NULL,*c;
        char *inf=NULL,*outf=NULL;
        BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
@@ -107,7 +107,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        /* first check the program name */
         program_name(argv[0],pname,PROG_NAME_SIZE);
@@ -148,6 +148,8 @@ char **argv;
                        debug=1;
                else if (strcmp(*argv,"-P") == 0)
                        printkey=2;
+               else if (strcmp(*argv,"-A") == 0)
+                       olb64=1;
                else if (strcmp(*argv,"-a") == 0)
                        base64=1;
                else if (strcmp(*argv,"-base64") == 0)
@@ -280,6 +282,18 @@ bad:
                                LN_bf_ecb, LN_bf_cbc,
                                LN_bf_cfb64, LN_bf_ofb64);
                        BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
+#endif
+#ifndef NO_BLOWFISH
+                       BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+                               LN_cast5_ecb, LN_cast5_cbc,
+                               LN_cast5_cfb64, LN_cast5_ofb64);
+                       BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
+#endif
+#ifndef NO_BLOWFISH
+                       BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+                               LN_rc5_ecb, LN_rc5_cbc,
+                               LN_rc5_cfb64, LN_rc5_ofb64);
+                       BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
 #endif
                        goto end;
                        }
@@ -463,6 +477,8 @@ bad:
                        BIO_set_callback(b64,BIO_debug_callback);
                        BIO_set_callback_arg(b64,bio_err);
                        }
+               if (olb64)
+                       BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
                if (enc)
                        wbio=BIO_push(b64,wbio);
                else

diff --git a/apps/errstr.c b/apps/errstr.c
index 6d0f9d137be27a0615c1cf279e60fc035135300b..d2b2b3fcea1996aa329b0e4ad726a32ffb18684d 100644 (file)
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -1,5 +1,5 @@
 /* apps/errstr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -80,7 +80,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        SSL_load_error_strings();
 

diff --git a/apps/ext.v3 b/apps/ext.v3
new file mode 100644 (file)
index 0000000..87ee8e6
--- /dev/null
+++ b/apps/ext.v3
@@ -0,0 +1,2 @@
+2.99999.3      SET.ex3         SET x509v3 extension 3
+

diff --git a/apps/g_ssleay.pl b/apps/g_ssleay.pl
index 237dd4c698fbdf0ac240aaafca7f3b727a8f798a..cd05fe6a785b2db6dbdcc4b2533c51c0b09b51a4 100644 (file)
--- a/apps/g_ssleay.pl
+++ b/apps/g_ssleay.pl
@@ -57,14 +57,16 @@ foreach ("md2","md5","sha","sha1","mdc2")
 
 foreach (
        "base64",
-       "des", "des3", "desx", "idea", "rc4", "rc2","bf",
+       "des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
        "des-ecb", "des-ede",    "des-ede3",
        "des-cbc", "des-ede-cbc","des-ede3-cbc",
        "des-cfb", "des-ede-cfb","des-ede3-cfb",
        "des-ofb", "des-ede-ofb","des-ede3-ofb",
        "idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
        "rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
-       "bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb")
+       "bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
+       "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+       "cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
        {
        push(@files,$_);
 
@@ -74,6 +76,8 @@ foreach (
        elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
        elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
        elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+       elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
+       elsif ($_ =~ /rc5/)  { $t="#ifndef NO_RC5\n${t}#endif\n"; }
        print $t;
        }
 

diff --git a/apps/gendh.c b/apps/gendh.c
index b7b6d0fd629f4c6e8267e9f8455f93c88f7f5b95..2790f179fdc30d7174f31d90811c35bcbfb65acd 100644 (file)
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -1,5 +1,5 @@
 /* apps/gendh.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -74,7 +74,7 @@
 #define PROG gendh_main
 
 #ifndef NOPROTO
-static void MS_CALLBACK dh_cb(int p, int n);
+static void MS_CALLBACK dh_cb(int p, int n, char *arg);
 static long dh_load_rand(char *names);
 #else
 static void MS_CALLBACK dh_cb();
@@ -97,7 +97,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        argv++;
        argc--;
@@ -171,7 +171,7 @@ bad:
 
        BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
        BIO_printf(bio_err,"This is going to take a long time\n");
-       dh=DH_generate_parameters(num,g,dh_cb);
+       dh=DH_generate_parameters(num,g,dh_cb,(char *)bio_err);
                
        if (dh == NULL) goto end;
 
@@ -191,9 +191,10 @@ end:
        EXIT(ret);
        }
 
-static void MS_CALLBACK dh_cb(p, n)
+static void MS_CALLBACK dh_cb(p,n,arg)
 int p;
 int n;
+char *arg;
        {
        char c='*';
 
@@ -201,8 +202,8 @@ int n;
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
-       BIO_write(bio_err,&c,1);
-       BIO_flush(bio_err);
+       BIO_write((BIO *)arg,&c,1);
+       BIO_flush((BIO *)arg);
 #ifdef LINT
        p=n;
 #endif

diff --git a/apps/gendsa.c b/apps/gendsa.c
index 35f299a58b187eb618ade523787b15fc8a165b4b..e0e5afa400b0feb84588d201377826287bb710a4 100644 (file)
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -1,5 +1,5 @@
 /* apps/gendsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -94,7 +94,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        argv++;
        argc--;
@@ -135,7 +135,7 @@ bad:
                }
 
        in=BIO_new(BIO_s_file());
-       if (!(BIO_read_filename(in,"r")))
+       if (!(BIO_read_filename(in,"dsaparams")))
                {
                perror(dsaparams);
                goto end;

diff --git a/apps/genrsa.c b/apps/genrsa.c
index 973175447f484cf90b1c1c1f741a866c2e482b83..cdba6189ad6493323459d36fc2e39e5957494927 100644 (file)
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -1,5 +1,5 @@
 /* apps/genrsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -75,7 +75,7 @@
 #define PROG genrsa_main
 
 #ifndef NOPROTO
-static void MS_CALLBACK genrsa_cb(int p, int n);
+static void MS_CALLBACK genrsa_cb(int p, int n, char *arg);
 static long gr_load_rand(char *names);
 #else
 static void MS_CALLBACK genrsa_cb();
@@ -101,7 +101,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
        if ((out=BIO_new(BIO_s_file())) == NULL)
                {
                BIO_printf(bio_err,"unable to creat BIO for output\n");
@@ -201,7 +201,7 @@ bad:
 
        BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
                num);
-       rsa=RSA_generate_key(num,f4,genrsa_cb);
+       rsa=RSA_generate_key(num,f4,genrsa_cb,(char *)bio_err);
                
        if (randfile == NULL)
                BIO_printf(bio_err,"unable to write 'random state'\n");
@@ -234,9 +234,10 @@ err:
        EXIT(ret);
        }
 
-static void MS_CALLBACK genrsa_cb(p, n)
+static void MS_CALLBACK genrsa_cb(p, n, arg)
 int p;
 int n;
+char *arg;
        {
        char c='*';
 
@@ -244,8 +245,8 @@ int n;
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
-       BIO_write(bio_err,&c,1);
-       BIO_flush(bio_err);
+       BIO_write((BIO *)arg,&c,1);
+       BIO_flush((BIO *)arg);
 #ifdef LINT
        p=n;
 #endif

diff --git a/apps/mklinks b/apps/mklinks
index 6423613383ce77b057208d4b4082d268ce812788..55a56b399e4f53a711a442de5886e577765d7c3c 100644 (file)
--- a/apps/mklinks
+++ b/apps/mklinks
@@ -1,5 +1,5 @@
 #!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb 
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
 do
 echo making symlink for $i
 /bin/rm -f $i

diff --git a/apps/openssl.c b/apps/openssl.c
index f69f14aa2e262e9977caefe5354b0de8e5f83f08..eac411b85405b9ee5d18ec5e58dc1e93508db961 100644 (file)
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -1,5 +1,5 @@
 /* apps/ssleay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,14 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
-#define DEBUG
+#ifndef DEBUG
+#undef DEBUG
+#endif
 
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
 #include "bio.h"
 #include "crypto.h"
 #include "lhash.h"
@@ -78,19 +77,22 @@
 #include "s_apps.h"
 #include "err.h"
 
+/*
+#ifdef WINDOWS
+#include "bss_file.c"
+#endif
+*/
 
 #ifndef NOPROTO
 static unsigned long MS_CALLBACK hash(FUNCTION *a);
 static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
 static LHASH *prog_init(void );
 static int do_cmd(LHASH *prog,int argc,char *argv[]);
-static void sig_stop(int i);
 #else
 static unsigned long MS_CALLBACK hash();
 static int MS_CALLBACK cmp();
 static LHASH *prog_init();
 static int do_cmd();
-static void sig_stop();
 #endif
 
 LHASH *config=NULL;
@@ -143,7 +145,7 @@ char *Argv[];
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
@@ -224,6 +226,7 @@ char *Argv[];
                        }
                if (ret != 0)
                        BIO_printf(bio_err,"error in %s\n",argv[0]);
+               BIO_flush(bio_err);
                }
        BIO_printf(bio_err,"bad exit\n");
        ret=1;

diff --git a/apps/pem_mail.c b/apps/pem_mail.c
index e48c358f72f6b89c5717ce7b3497364bdcbeb63e..64e04acb52782d9deef9551a8034b9b8e7f2f9b5 100644 (file)
--- a/apps/pem_mail.c
+++ b/apps/pem_mail.c
@@ -1,5 +1,5 @@
 /* apps/pem_mail.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written

diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index 47bd7564a97722aab5830cfae1f55bad7f789c6c..4105dbd9efbd390a1f40e76e146ab420cbf7aaba 100644 (file)
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -1,5 +1,5 @@
 /* apps/pkcs7.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -87,7 +87,9 @@ char **argv;
        {
        PKCS7 *p7=NULL;
        int i,badops=0;
+#if !defined(NO_DES) || !defined(NO_IDEA)
        EVP_CIPHER *enc=NULL;
+#endif
        BIO *in=NULL,*out=NULL;
        int informat,outformat;
        char *infile,*outfile,*prog,buf[256];
@@ -98,7 +100,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;

diff --git a/apps/privkey.pem b/apps/privkey.pem
index 8308004d5b8f8deef07733aa06967a7188573088..b567e411b20e3448d517cbd83711d0def8208d0b 100644 (file)
--- a/apps/privkey.pem
+++ b/apps/privkey.pem
@@ -1,15 +1,11 @@
 -----BEGIN DSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,2221AF3DAA41AB24
+DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C
 
-IOx3ubYOV2SETDSWiuG4bsioEl7jA2CulYKAJvIfy8z5GI+08NwptNOUqbMhDV1s
-156KhUvBvG48uz9mxcOyHjZRD0HNixGNMXDaFJSajINFoGtmYZRc20DEoY6buzsi
-E76GK95cJHsjJsdNrdggIJRTaiLayLzsMFVDrKhmaJVTKlBpcdnFM4BEKSyD2H5N
-OllrfK6GgmlH+WVXU9AlXoy5Jm0YXT7i5bPCB5eDDL/GkTISFHZsnEYpHCrMARsw
-5V15dYEwFc6NA/psBGk1qS2CHVIOYNcfCfndR90+UCos+rMBkcQDfvxI95+L8dbS
-ONJJrUqiCHV/zYSE+aXZN001mJJLvHOW65YbgdwSOfiowcv7HPbFrGdwOOJvSEx2
-d571YvqfsaDojwR5KLgfFDSwVBwzo/mfcFeVrT9Q8LwPL4/dwwoElWTmYbSaW0uZ
-Ov73xRUbVGa5LTJoGbFVMvjpmEO2qtBsx7vq9AT8v8gDzYSuEafyC7d0h85EIfTJ
-wPlIN3xKTiqFpp/eFCkdKqNn826NoC1TgQuoCBIrJ8gZsIr1l8R+iAuGxKGPASoF
-cyqnpcqGgaaTrxnk9cX4dQ==
+JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ
+dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe
+hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV
+2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa
++OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK
+3+jNQcQ9q1Xy1s5dz/BOvw==
 -----END DSA PRIVATE KEY-----

diff --git a/apps/progs.h b/apps/progs.h
index 50e2ca4a4c63f36703eac0bc9d8c496b482859a7..ec00396ed7feebc98d3d377a1021538cd07c40a2 100644 (file)
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -6,7 +6,6 @@ extern int dgst_main(int argc,char *argv[]);
 extern int dh_main(int argc,char *argv[]);
 extern int enc_main(int argc,char *argv[]);
 extern int gendh_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
 extern int errstr_main(int argc,char *argv[]);
 extern int ca_main(int argc,char *argv[]);
 extern int crl_main(int argc,char *argv[]);
@@ -32,7 +31,6 @@ extern int dgst_main();
 extern int dh_main();
 extern int enc_main();
 extern int gendh_main();
-extern int gendsa_main();
 extern int errstr_main();
 extern int ca_main();
 extern int crl_main();
@@ -77,9 +75,6 @@ FUNCTION functions[] = {
        {FUNC_TYPE_GENERAL,"enc",enc_main},
 #ifndef NO_DH
        {FUNC_TYPE_GENERAL,"gendh",gendh_main},
-#endif
-#ifndef NO_DSA
-       {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
 #endif
        {FUNC_TYPE_GENERAL,"errstr",errstr_main},
 #ifndef NO_RSA
@@ -145,6 +140,12 @@ FUNCTION functions[] = {
 #ifndef NO_BLOWFISH
        {FUNC_TYPE_CIPHER,"bf",enc_main},
 #endif
+#ifndef NO_CAST
+       {FUNC_TYPE_CIPHER,"cast",enc_main},
+#endif
+#ifndef NO_RC5
+       {FUNC_TYPE_CIPHER,"rc5",enc_main},
+#endif
 #ifndef NO_DES
        {FUNC_TYPE_CIPHER,"des-ecb",enc_main},
 #endif
@@ -216,6 +217,33 @@ FUNCTION functions[] = {
 #endif
 #ifndef NO_BLOWFISH
        {FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+       {FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
+#endif
+#ifndef NO_CAST
+       {FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
+#endif
+#ifndef NO_CAST
+       {FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
+#endif
+#ifndef NO_CAST
+       {FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+       {FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+       {FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+       {FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
+#endif
+#ifndef NO_RC5
+       {FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
+#endif
+#ifndef NO_RC5
+       {FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
 #endif
        {0,NULL,NULL}
        };

diff --git a/apps/progs.pl b/apps/progs.pl
index 237dd4c698fbdf0ac240aaafca7f3b727a8f798a..cd05fe6a785b2db6dbdcc4b2533c51c0b09b51a4 100644 (file)
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -57,14 +57,16 @@ foreach ("md2","md5","sha","sha1","mdc2")
 
 foreach (
        "base64",
-       "des", "des3", "desx", "idea", "rc4", "rc2","bf",
+       "des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
        "des-ecb", "des-ede",    "des-ede3",
        "des-cbc", "des-ede-cbc","des-ede3-cbc",
        "des-cfb", "des-ede-cfb","des-ede3-cfb",
        "des-ofb", "des-ede-ofb","des-ede3-ofb",
        "idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
        "rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
-       "bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb")
+       "bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
+       "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+       "cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
        {
        push(@files,$_);
 
@@ -74,6 +76,8 @@ foreach (
        elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
        elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
        elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+       elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
+       elsif ($_ =~ /rc5/)  { $t="#ifndef NO_RC5\n${t}#endif\n"; }
        print $t;
        }
 

diff --git a/apps/req.c b/apps/req.c
index 9b6041e1791bf4633d6e37f31ff42fca8c07b881..f51345f5a2890f731a83757762d759121b023057 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -1,5 +1,5 @@
 /* apps/req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -111,7 +111,7 @@ static int add_attribute_object(STACK *n, char *text, char *def,
        char *value, int nid,int min,int max);
 static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
        int nid,int min,int max);
-static void MS_CALLBACK req_cb(int p,int n);
+static void MS_CALLBACK req_cb(int p,int n,char *arg);
 static int req_fix_data(int nid,int *type,int len,int min,int max);
 #else
 static int make_REQ();
@@ -135,7 +135,9 @@ int MAIN(argc, argv)
 int argc;
 char **argv;
        {
+#ifndef NO_DSA
        DSA *dsa_params=NULL;
+#endif
        int ex=1,x509=0,days=30;
        X509 *x509ss=NULL;
        X509_REQ *req=NULL;
@@ -160,7 +162,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;
@@ -228,7 +230,9 @@ char **argv;
                                p+=4;
                                newkey= atoi(p);
                                }
-                       else if (strncmp("dsa:",p,4) == 0)
+                       else
+#ifndef NO_DSA
+                               if (strncmp("dsa:",p,4) == 0)
                                {
                                X509 *xtmp=NULL;
                                EVP_PKEY *dtmp;
@@ -249,6 +253,9 @@ char **argv;
                                                BIO_printf(bio_err,"unable to load DSA parameters from file\n");
                                                goto end;
                                                }
+
+                                       /* This will 'disapear'
+                                        * when we free xtmp */
                                        dtmp=X509_get_pubkey(xtmp);
                                        if (dtmp->type == EVP_PKEY_DSA)
                                                dsa_params=DSAparams_dup(dtmp->pkey.dsa);
@@ -258,18 +265,21 @@ char **argv;
                                                BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
                                                goto end;
                                                }
-                                       
                                        }
                                BIO_free(in);
                                newkey=BN_num_bits(dsa_params->p);
                                in=NULL;
                                }
-                       else if (strncmp("dh:",p,4) == 0)
+                       else 
+#endif
+#ifndef NO_DH
+                               if (strncmp("dh:",p,4) == 0)
                                {
                                pkey_type=TYPE_DH;
                                p+=3;
                                }
                        else
+#endif
                                pkey_type=TYPE_RSA;
 
                        newreq=1;
@@ -463,7 +473,8 @@ bad:
                if (pkey_type == TYPE_RSA)
                        {
                        if (!EVP_PKEY_assign_RSA(pkey,
-                               RSA_generate_key(newkey,0x10001,req_cb)))
+                               RSA_generate_key(newkey,0x10001,
+                                       req_cb,(char *)bio_err)))
                                goto end;
                        }
                else
@@ -559,8 +570,10 @@ loop:
 
        if (newreq || x509)
                {
+#ifndef NO_DSA
                if (pkey->type == EVP_PKEY_DSA)
                        digest=EVP_dss1();
+#endif
 
                if (pkey == NULL)
                        {
@@ -733,7 +746,9 @@ end:
        if (pkey != NULL) EVP_PKEY_free(pkey);
        if (req != NULL) X509_REQ_free(req);
        if (x509ss != NULL) X509_free(x509ss);
+#ifndef NO_DSA
        if (dsa_params != NULL) DSA_free(dsa_params);
+#endif
        EXIT(ex);
        }
 
@@ -743,7 +758,7 @@ EVP_PKEY *pkey;
 int attribs;
        {
        int ret=0,i,j;
-       unsigned char *p;
+       unsigned char *p,*q;
        X509_REQ_INFO *ri;
        char buf[100];
        int nid,min,max;
@@ -800,19 +815,43 @@ start:            for (;;)
                        if ((int)sk_num(sk) <= i) break;
 
                        v=(CONF_VALUE *)sk_value(sk,i);
-                       p=NULL;
+                       p=q=NULL;
                        type=v->name;
+                       /* Allow for raw OIDs */
+                       /* [n.mm.ooo.ppp] */
                        for (j=0; type[j] != '\0'; j++)
                                {
                                if (    (type[j] == ':') ||
                                        (type[j] == ',') ||
                                        (type[j] == '.'))
-                                       p= (unsigned char *)&(type[j+1]);
+                                       p=(unsigned char *)&(type[j+1]);
+                               if (type[j] == '[')
+                                       {
+                                       p=(unsigned char *)&(type[j+1]);
+                                       for (j++; type[j] != '\0'; j++)
+                                               if (type[j] == ']')
+                                                       {
+                                                       q=(unsigned char *)&(type[j]);
+                                                       break;
+                                                       }
+                                       break;
+                                       }
                                }
                        if (p != NULL)
                                type=(char *)p;
                        if ((nid=OBJ_txt2nid(type)) == NID_undef)
-                               goto start;
+                               {
+                               /* Add a new one if possible */
+                               if ((p != NULL) && (q != NULL) && (*q == ']'))
+                                       {
+                                       *q='\0';
+                                       nid=OBJ_create((char *)p,NULL,NULL);
+                                       *q=']';
+                                       if (nid == NID_undef) goto start;
+                                       }
+                               else
+                                       goto start;
+                               }
 
                        sprintf(buf,"%s_default",v->name);
                        if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
@@ -1044,9 +1083,10 @@ err:
        return(0);
        }
 
-static void MS_CALLBACK req_cb(p, n)
+static void MS_CALLBACK req_cb(p,n,arg)
 int p;
 int n;
+char *arg;
        {
        char c='*';
 
@@ -1054,8 +1094,8 @@ int n;
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
-       BIO_write(bio_err,&c,1);
-       BIO_flush(bio_err);
+       BIO_write((BIO *)arg,&c,1);
+       BIO_flush((BIO *)arg);
 #ifdef LINT
        p=n;
 #endif

diff --git a/apps/req.pem b/apps/req.pem
new file mode 100644 (file)
index 0000000..5537df6
--- /dev/null
+++ b/apps/req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
+YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
+S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
+AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
+tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
+84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
+CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
+Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
+-----END CERTIFICATE REQUEST-----

diff --git a/apps/rmlinks b/apps/rmlinks
index 54bc996f1163c7de7f2311a875046cd453a91f68..7c4f8983ba08ac1ceb7ff3ecfa5ac0ed82db306a 100644 (file)
--- a/apps/rmlinks
+++ b/apps/rmlinks
@@ -1,5 +1,5 @@
 #!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb 
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb 
 do
 echo removing $i
 /bin/rm -f $i

diff --git a/apps/rsa.c b/apps/rsa.c
index 9f2df771bd04fcbfd3669b1f4f12f5e3725fa3c6..267b12b15e1b26d1efe1f87a9f4294d6b9ea0af3 100644 (file)
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -1,5 +1,5 @@
 /* apps/rsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -99,7 +99,7 @@ char **argv;
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+                       BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
        infile=NULL;
        outfile=NULL;

diff --git a/apps/s_apps.h b/apps/s_apps.h
index 685767454a27f75bc4e7ba7934f4a330f09927e6..ba320946bef496337d4323b070c93ed03cfd8599 100644 (file)
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -1,5 +1,5 @@
 /* apps/s_apps.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -79,9 +79,8 @@ int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
 int nbio_sock_error(int sock);
 int spawn(int argc, char **argv, int *in, int *out);
 int init_server(int *sock, int port);
+int init_server_long(int *sock, int port,char *ip);
 int should_retry(int i);
-int sock_err(void );
-int socket_ioctl(int, long,unsigned long *);
 void sock_cleanup(void );
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
@@ -108,8 +107,6 @@ int nbio_sock_error();
 int spawn();
 int init_server();
 int should_retry();
-int sock_err();
-int socket_ioctl();
 void sock_cleanup();
 int extract_port();
 int extract_host_port();

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 712a043311564bfab5e24df82f82ccf17a9960d7..cd086bb93ed02251f4e64926ef94b8912d8fe89d 100644 (file)
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1,5 +1,5 @@
 /* apps/s_cb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -71,7 +71,6 @@
 int verify_depth=0;
 int verify_error=X509_V_OK;
 
-/* should be X509 * but we can just have them as char *. */
 int MS_CALLBACK verify_callback(ok, ctx)
 int ok;
 X509_STORE_CTX *ctx;
@@ -137,7 +136,7 @@ char *key_file;
                if (SSL_CTX_use_certificate_file(ctx,cert_file,
                        SSL_FILETYPE_PEM) <= 0)
                        {
-                       BIO_printf(bio_err,"unable to set certificate file\n");
+                       BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
                        ERR_print_errors(bio_err);
                        return(0);
                        }
@@ -145,7 +144,7 @@ char *key_file;
                if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
                        SSL_FILETYPE_PEM) <= 0)
                        {
-                       BIO_printf(bio_err,"unable to set public key file\n");
+                       BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
                        ERR_print_errors(bio_err);
                        return(0);
                        }

diff --git a/apps/s_client.c b/apps/s_client.c
index b5dc238878a73aa8b264ca57414a41950fb404fd..e783eb723c4e2b0972cec50183cfbb5abec01306 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1,5 +1,5 @@
 /* apps/s_client.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 #define USE_SOCKETS
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -127,6 +127,8 @@ static void sc_usage()
        BIO_printf(bio_err," -quiet        - no s_client output\n");
        BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
        BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
+       BIO_printf(bio_err," -tls1         - just use TLSv1\n");
+       BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
        BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
        BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'ssleay ciphers'\n");
        BIO_printf(bio_err,"                 command to se what is available\n");
@@ -137,6 +139,7 @@ int MAIN(argc, argv)
 int argc;
 char **argv;
        {
+       int off=0;
        SSL *con=NULL,*con2=NULL;
        int s,k,width,state=0;
        char *cbuf=NULL,*sbuf=NULL;
@@ -165,6 +168,7 @@ char **argv;
 #endif
 
        apps_startup();
+       c_Pause=0;
        c_quiet=0;
        c_debug=0;
 
@@ -234,6 +238,10 @@ char **argv;
 #ifndef NO_SSL3
                else if (strcmp(*argv,"-ssl3") == 0)
                        meth=SSLv3_client_method();
+#endif
+#ifndef NO_TLS1
+               else if (strcmp(*argv,"-tls1") == 0)
+                       meth=TLSv1_client_method();
 #endif
                else if (strcmp(*argv,"-bugs") == 0)
                        bugs=1;
@@ -256,6 +264,12 @@ char **argv;
                        if (--argc < 1) goto bad;
                        CAfile= *(++argv);
                        }
+               else if (strcmp(*argv,"-no_tls1") == 0)
+                       off|=SSL_OP_NO_TLSv1;
+               else if (strcmp(*argv,"-no_ssl3") == 0)
+                       off|=SSL_OP_NO_SSLv3;
+               else if (strcmp(*argv,"-no_ssl2") == 0)
+                       off|=SSL_OP_NO_SSLv2;
                else if (strcmp(*argv,"-cipher") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -302,7 +316,10 @@ bad:
                goto end;
                }
 
-       if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
+       if (bugs)
+               SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
+       else
+               SSL_CTX_set_options(ctx,off);
 
        if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
        if (cipher != NULL)
@@ -319,20 +336,21 @@ bad:
        if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
                (!SSL_CTX_set_default_verify_paths(ctx)))
                {
-               BIO_printf(bio_err,"error seting default verify locations\n");
+               /* BIO_printf(bio_err,"error seting default verify locations\n"); */
                ERR_print_errors(bio_err);
-               goto end;
+               /* goto end; */
                }
 
        SSL_load_error_strings();
 
        con=(SSL *)SSL_new(ctx);
+/*     SSL_set_cipher_list(con,"RC4-MD5"); */
 
 re_start:
 
        if (init_client(&s,host,port) == 0)
                {
-               BIO_printf(bio_err,"connect:errno=%d\n",errno);
+               BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
                SHUTDOWN(s);
                goto end;
                }
@@ -343,7 +361,11 @@ re_start:
                {
                unsigned long l=1;
                BIO_printf(bio_c_out,"turning on non blocking io\n");
-               socket_ioctl(s,FIONBIO,&l);
+               if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
+                       {
+                       ERR_print_errors(bio_err);
+                       goto end;
+                       }
                }
 #endif                                              
        if (c_Pause & 0x01) con->debug=1;
@@ -386,7 +408,7 @@ re_start:
                FD_ZERO(&readfds);
                FD_ZERO(&writefds);
 
-               if (SSL_in_init(con))
+               if (SSL_in_init(con) && !SSL_total_renegotiations(con))
                        {
                        in_init=1;
                        tty_on=0;
@@ -427,11 +449,11 @@ re_start:
 /*             printf("mode tty(%d %d%d) ssl(%d%d)\n",
                        tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
 
-/*             printf("pending=%d\n",SSL_pending(con)); */
                i=select(width,&readfds,&writefds,NULL,NULL);
                if ( i < 0)
                        {
-                       BIO_printf(bio_err,"bad select %d\n",sock_err());
+                       BIO_printf(bio_err,"bad select %d\n",
+                               get_last_socket_error());
                        goto shut;
                        /* goto end; */
                        }
@@ -489,7 +511,7 @@ re_start:
                                if ((k != 0) || (cbuf_len != 0))
                                        {
                                        BIO_printf(bio_err,"write:errno=%d\n",
-                                               errno);
+                                               get_last_socket_error());
                                        goto shut;
                                        }
                                else
@@ -526,7 +548,10 @@ re_start:
 #endif
                else if (FD_ISSET(SSL_get_fd(con),&readfds))
                        {
-                       k=SSL_read(con,sbuf,BUFSIZZ);
+#ifdef RENEG
+{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
+#endif
+                       k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
 
                        switch (SSL_get_error(con,k))
                                {
@@ -555,7 +580,7 @@ re_start:
                                BIO_printf(bio_c_out,"read X BLOCK\n");
                                break;
                        case SSL_ERROR_SYSCALL:
-                               BIO_printf(bio_err,"read:errno=%d\n",errno);
+                               BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
                                goto shut;
                        case SSL_ERROR_ZERO_RETURN:
                                BIO_printf(bio_c_out,"closed\n");
@@ -619,7 +644,7 @@ BIO *bio;
 SSL *s;
 int full;
        {
-       X509 *peer;
+       X509 *peer=NULL;
        char *p;
        static char *space="                ";
        char buf[BUFSIZ];
@@ -657,7 +682,6 @@ int full;
                        X509_NAME_oneline(X509_get_issuer_name(peer),
                                buf,BUFSIZ);
                        BIO_printf(bio,"issuer=%s\n",buf);
-                       X509_free(peer);
                        }
                else
                        BIO_printf(bio,"no peer certificate available\n");
@@ -687,7 +711,7 @@ int full;
                                {
                                if (*p == ':')
                                        {
-                                       BIO_write(bio,space,15-j);
+                                       BIO_write(bio,space,15-j%25);
                                        i++;
                                        j=0;
                                        BIO_write(bio,((i%3)?" ":"\n"),1);
@@ -711,7 +735,12 @@ int full;
        BIO_printf(bio,"%s, Cipher is %s\n",
                SSL_CIPHER_get_version(c),
                SSL_CIPHER_get_name(c));
+       if (peer != NULL)
+               BIO_printf(bio,"Server public key is %d bit\n",
+                       EVP_PKEY_bits(X509_get_pubkey(peer)));
        SSL_SESSION_print(bio,SSL_get_session(s));
        BIO_printf(bio,"---\n");
+       if (peer != NULL)
+               X509_free(peer);
        }
 

diff --git a/apps/s_server.c b/apps/s_server.c
index d1e406c7b47e2501bbb8cc270337c113fd2ee48a..5012ef254da704a8676df51a31f21bfd1c36500c 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1,5 +1,5 @@
 /* apps/s_server.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -61,7 +61,7 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-#ifdef WIN16
+#ifdef NO_STDIO
 #define APPS_WIN16
 #endif
 #include "lhash.h"
@@ -82,8 +82,11 @@ static void close_accept_socket(void );
 static void sv_usage(void);
 static int init_ssl_connection(SSL *s);
 static void print_stats(BIO *bp,SSL_CTX *ctx);
+#ifndef NO_DH
 static DH *load_dh_param(void );
 static DH *get_dh512(void);
+#endif
+/* static void s_server_init(void);*/
 #else
 static RSA MS_CALLBACK *tmp_rsa_cb();
 static int sv_body();
@@ -92,15 +95,19 @@ static void close_accept_socket();
 static void sv_usage();
 static int init_ssl_connection();
 static void print_stats();
+#ifndef NO_DH
 static DH *load_dh_param();
 static DH *get_dh512();
 #endif
+/* static void s_server_init(); */
+#endif
 
 
 #ifndef S_ISDIR
 #define S_ISDIR(a)     (((a) & _S_IFMT) == _S_IFDIR)
 #endif
 
+#ifndef NO_DH
 static unsigned char dh512_p[]={
        0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
        0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
@@ -117,15 +124,14 @@ static DH *get_dh512()
        {
        DH *dh=NULL;
 
-#ifndef NO_DH
        if ((dh=DH_new()) == NULL) return(NULL);
        dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
        dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
        if ((dh->p == NULL) || (dh->g == NULL))
                return(NULL);
-#endif
        return(dh);
        }
+#endif
 
 /* static int load_CA(SSL_CTX *ctx, char *file);*/
 
@@ -142,8 +148,9 @@ static int accept_socket= -1;
 extern int verify_depth;
 
 static char *cipher=NULL;
-int verify=SSL_VERIFY_NONE;
-char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static int s_server_verify=SSL_VERIFY_NONE;
+static char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static char *s_dcert_file=NULL,*s_dkey_file=NULL;
 #ifdef FIONBIO
 static int s_nbio=0;
 #endif
@@ -155,11 +162,33 @@ static BIO *bio_s_out=NULL;
 static int s_debug=0;
 static int s_quiet=0;
 
+#if 0
+static void s_server_init()
+       {
+       cipher=NULL;
+       s_server_verify=SSL_VERIFY_NONE;
+       s_dcert_file=NULL;
+       s_dkey_file=NULL;
+       s_cert_file=TEST_CERT;
+       s_key_file=NULL;
+#ifdef FIONBIO
+       s_nbio=0;
+#endif
+       s_nbio_test=0;
+       ctx=NULL;
+       www=0;
+
+       bio_s_out=NULL;
+       s_debug=0;
+       s_quiet=0;
+       }
+#endif
+
 static void sv_usage()
        {
        BIO_printf(bio_err,"usage: s_server [args ...]\n");
        BIO_printf(bio_err,"\n");
-       BIO_printf(bio_err," -accpet arg   - port to accept on (default is %d\n",PORT);
+       BIO_printf(bio_err," -accept arg   - port to accept on (default is %d\n",PORT);
        BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
        BIO_printf(bio_err," -Verify arg   - turn on peer certificate verification, must have a cert.\n");
        BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
@@ -180,14 +209,18 @@ static void sv_usage()
        BIO_printf(bio_err," -no_tmp_rsa   - Do not generate a tmp RSA key\n");
        BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
        BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
+       BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
+       BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
+       BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
+       BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
        BIO_printf(bio_err," -bugs         - Turn on SSL bug compatability\n");
        BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
        BIO_printf(bio_err," -WWW          - Returns requested page from to a 'GET <path> HTTP/1.0'\n");
        }
 
-static int local_argc;
+static int local_argc=0;
 static char **local_argv;
-static int hack;
+static int hack=0;
 
 int MAIN(argc, argv)
 int argc;
@@ -197,10 +230,13 @@ char *argv[];
        char *CApath=NULL,*CAfile=NULL;
        int badop=0,bugs=0;
        int ret=1;
+       int off=0;
        int no_tmp_rsa=0,nocert=0;
        int state=0;
        SSL_METHOD *meth=NULL;
+#ifndef NO_DH
        DH *dh=NULL;
+#endif
 
 #if !defined(NO_SSL2) && !defined(NO_SSL3)
        meth=SSLv23_server_method();
@@ -240,14 +276,14 @@ char *argv[];
                        }
                else if (strcmp(*argv,"-verify") == 0)
                        {
-                       verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+                       s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
                        if (--argc < 1) goto bad;
                        verify_depth=atoi(*(++argv));
                        BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
                        }
                else if (strcmp(*argv,"-Verify") == 0)
                        {
-                       verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
+                       s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
                                SSL_VERIFY_CLIENT_ONCE;
                        if (--argc < 1) goto bad;
                        verify_depth=atoi(*(++argv));
@@ -263,6 +299,16 @@ char *argv[];
                        if (--argc < 1) goto bad;
                        s_key_file= *(++argv);
                        }
+               else if (strcmp(*argv,"-dcert") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       s_dcert_file= *(++argv);
+                       }
+               else if (strcmp(*argv,"-dkey") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       s_dkey_file= *(++argv);
+                       }
                else if (strcmp(*argv,"-nocert") == 0)
                        {
                        nocert=1;
@@ -309,6 +355,12 @@ char *argv[];
                        { www=1; }
                else if (strcmp(*argv,"-WWW") == 0)
                        { www=2; }
+               else if (strcmp(*argv,"-no_ssl2") == 0)
+                       { off|=SSL_OP_NO_SSLv2; }
+               else if (strcmp(*argv,"-no_ssl3") == 0)
+                       { off|=SSL_OP_NO_SSLv3; }
+               else if (strcmp(*argv,"-no_tls1") == 0)
+                       { off|=SSL_OP_NO_TLSv1; }
 #ifndef NO_SSL2
                else if (strcmp(*argv,"-ssl2") == 0)
                        { meth=SSLv2_server_method(); }
@@ -316,6 +368,10 @@ char *argv[];
 #ifndef NO_SSL3
                else if (strcmp(*argv,"-ssl3") == 0)
                        { meth=SSLv3_server_method(); }
+#endif
+#ifndef NO_TLS1
+               else if (strcmp(*argv,"-tls1") == 0)
+                       { meth=TLSv1_server_method(); }
 #endif
                else
                        {
@@ -352,6 +408,8 @@ bad:
                {
                s_cert_file=NULL;
                s_key_file=NULL;
+               s_dcert_file=NULL;
+               s_dkey_file=NULL;
                }
 
        SSL_load_error_strings();
@@ -364,12 +422,16 @@ bad:
                goto end;
                }
 
+       SSL_CTX_set_quiet_shutdown(ctx,1);
        if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
        if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+       SSL_CTX_set_options(ctx,off);
        if (hack) SSL_CTX_set_options(ctx,SSL_OP_NON_EXPORT_FIRST);
 
        if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
 
+       SSL_CTX_sess_set_cache_size(ctx,128);
+
 #if 0
        if (cipher == NULL) cipher=getenv("SSL_CIPHER");
 #endif
@@ -385,9 +447,9 @@ bad:
        if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
                (!SSL_CTX_set_default_verify_paths(ctx)))
                {
-               BIO_printf(bio_err,"X509_load_verify_locations\n");
+               /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
                ERR_print_errors(bio_err);
-               goto end;
+               /* goto end; */
                }
 
 #ifndef NO_DH
@@ -410,6 +472,11 @@ bad:
        
        if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
                goto end;
+       if (s_dcert_file != NULL)
+               {
+               if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file))
+                       goto end;
+               }
 
 #if 1
        SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
@@ -435,7 +502,7 @@ bad:
 
        if (cipher != NULL)
                SSL_CTX_set_cipher_list(ctx,cipher);
-       SSL_CTX_set_verify(ctx,verify,verify_callback);
+       SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
 
        SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
 
@@ -464,16 +531,23 @@ SSL_CTX *ssl_ctx;
                SSL_CTX_sess_number(ssl_ctx));
        BIO_printf(bio,"%4d client connects (SSL_connect())\n",
                SSL_CTX_sess_connect(ssl_ctx));
+       BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n",
+               SSL_CTX_sess_connect_renegotiate(ssl_ctx));
        BIO_printf(bio,"%4d client connects that finished\n",