experience in code simply being copied and the attribution removed
from it and then being distributed as part of other packages. This
implementation was a non-trivial and unpaid effort.
+
# This is used on the DEC Alpha where long is 8 bytes
# and int is 4
# BN_LLONG use the type 'long long' in crypto/bn/bn.h
-# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h
-# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h
+# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_enc.c. This turns on
+# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on
# array lookups instead of pointer use.
# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
# BF_PTR2 use a pentium/intel specific version.
+# MD5_ASM use some extra md5 assember,
+# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
+# RMD160_ASM use some extra ripemd160 assember,
+# BN_ASM use some extra bn assember,
$x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
$bits1="THIRTY_TWO_BIT ";
$bits2="SIXTY_FOUR_BIT ";
-# -DB_ENDIAN slows things down on a sparc
+$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
+$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
+
+# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
+# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
#config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
# des_asm:bf_asm
# A few of my development configs
"purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
-"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
"dist", "cc:-O -DNOPROTO::::",
# Basic configs that should work on any box
"gcc", "gcc:-O3::BN_LLONG:::",
"cc", "cc:-O -DNOPROTO -DNOCONST:::::",
+
# My solaris setups
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\
- -lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o",
-"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\
- -lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:",
+"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
# DO NOT use /xO[34] on sparc with SC3.0.
# It is broken, and will not pass the tests
"solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
-# x86-lnx.o file file since it is hand tweaked assembler.
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
-"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
-"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-"FreeBSD", "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
-#"bsdi-gcc", "shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::",
-#"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o",
-"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::",
-"nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# bn86-elf.o file file since it is hand tweaked assembler.
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+#"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
+"nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# NCR MP-RAS UNIX ver 02.03.01
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
# UnixWare 2.0
-"unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
-"unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
+"unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
# IBM's AIX.
"aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
"aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+#
+# Cray T90 (SDSC)
+# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
+# defined. The T90 ints and longs are 8 bytes long, and apparently the
+# B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and
+# non L_ENDIAN code aligns the bytes in each word correctly.
+#
+# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
+#'Taking the address of a bit field is not allowed. '
+#'An expression with bit field exists as the operand of "sizeof" '
+# (written by Wayne Schroeder <schroede@SDSC.EDU>)
+"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::",
+
# DGUX, 88100.
"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
# SCO 5
"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
$des_locl="crypto/des/des_locl.h";
$des ="crypto/des/des.h";
$bn ="crypto/bn/bn.h";
-$md2 ="crypto/md/md2.h";
+$md2 ="crypto/md2/md2.h";
$rc4 ="crypto/rc4/rc4.h";
-$rc4_enc="crypto/rc4/rc4_enc.c";
+$rc4_locl="crypto/rc4/rc4_locl.h";
$idea ="crypto/idea/idea.h";
$rc2 ="crypto/rc2/rc2.h";
$bf ="crypto/bf/bf_locl.h";
$bn_mulw="bn_mulw.o";
$des_enc="des_enc.o fcrypt_b.o";
$bf_enc ="bf_enc.o";
+$cast_enc="c_enc.o";
+$rc4_enc="rc4_enc.o";
+$rc5_enc="rc5_enc.o";
+$md5_obj="";
+$sha1_obj="";
+$rmd160_obj="";
if ($#ARGV < 0)
{
exit(1);
}
-($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)=
+($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj,
+ $cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)=
split(/\s*:\s*/,$table{$target});
$cflags="$flags$cflags" if ($flags ne "");
$lflags="$libs$lflags"if ($libs ne "");
-$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
-$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
-$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
+$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
+$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
+$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
+if ($sha1_obj =~ /\.o$/)
+ {
+# $sha1_obj=$sha1_enc;
+ $cflags.=" -DSHA1_ASM";
+ }
+if ($md5_obj =~ /\.o$/)
+ {
+# $md5_obj=$md5_enc;
+ $cflags.=" -DMD5_ASM";
+ }
+if ($rmd160_obj =~ /\.o$/)
+ {
+# $rmd160_obj=$rmd160_enc;
+ $cflags.=" -DRMD160_ASM";
+ }
$n=&file_new($Makefile);
open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n";
s/^BN_MULW=.*$/BN_MULW= $bn_obj/;
s/^DES_ENC=.*$/DES_ENC= $des_obj/;
s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+ s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
+ s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
+ s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
+ s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
+ s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
+ s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
print OUT $_."\n";
}
close(IN);
close(OUT);
&Rename($Makefile,&file_old($Makefile));
&Rename($n,$Makefile);
-print "CC =$cc\n";
-print "CFLAG =$cflags\n";
-print "EX_LIBS=$lflags\n";
-print "BN_MULW=$bn_obj\n";
-print "DES_ENC=$des_obj\n";
-print "BF_ENC =$bf_obj\n";
+print "CC =$cc\n";
+print "CFLAG =$cflags\n";
+print "EX_LIBS =$lflags\n";
+print "BN_MULW =$bn_obj\n";
+print "DES_ENC =$des_obj\n";
+print "BF_ENC =$bf_obj\n";
+print "CAST_ENC =$cast_obj\n";
+print "RC4_ENC =$rc4_obj\n";
+print "RC5_ENC =$rc5_obj\n";
+print "MD5_OBJ_ASM =$md5_obj\n";
+print "SHA1_OBJ_ASM =$sha1_obj\n";
+print "RMD160_OBJ_ASM=$rmd160_obj\n";
$des_ptr=0;
$des_risc1=0;
$rc2_int=3 if /RC2_LONG/;
$bf_ptr=1 if $_ eq "BF_PTR";
$bf_ptr=2 if $_ eq "BF_PTR2";
- ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
&Rename($rc4,&file_old($rc4));
&Rename($n,$rc4);
-(($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($rc4_enc);
-open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n";
+(($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4_locl);
+open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n";
open(OUT,">$n") || die "unable to read $n:$!\n";
while (<IN>)
{
}
close(IN);
close(OUT);
-&Rename($rc4_enc,&file_old($rc4_enc));
-&Rename($n,$rc4_enc);
+&Rename($rc4_locl,&file_old($rc4_locl));
+&Rename($n,$rc4_locl);
(($in=$md2) =~ s/\.([^.]+)/.$postfix/);
$n=&file_new($md2);
+16-Mar-98
+ - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
+ - Lots and lots of changes
+
+29-Jan-98
+ - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
+ Goetz Babin-Ebell <babinebell@trustcenter.de>.
+ - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
+ TLS1_VERSION.
+
+7-Jan-98
+ - Finally reworked the cipher string to ciphers again, so it
+ works correctly
+ - All the app_data stuff is now ex_data with funcion calls to access.
+ The index is supplied by a function and 'methods' can be setup
+ for the types that are called on XXX_new/XXX_free. This lets
+ applications get notified on creation and destruction. Some of
+ the RSA methods could be implemented this way and I may do so.
+ - Oh yes, SSL under perl5 is working at the basic level.
+
+15-Dec-97
+ - Warning - the gethostbyname cache is not fully thread safe,
+ but it should work well enough.
+ - Major internal reworking of the app_data stuff. More functions
+ but if you were accessing ->app_data directly, things will
+ stop working.
+ - The perlv5 stuff is working. Currently on message digests,
+ ciphers and the bignum library.
+
+9-Dec-97
+ - Modified re-negotiation so that server initated re-neg
+ will cause a SSL_read() to return -1 should retry.
+ The danger otherwise was that the server and the
+ client could end up both trying to read when using non-blocking
+ sockets.
+
+4-Dec-97
+ - Lots of small changes
+ - Fix for binaray mode in Windows for the FILE BIO, thanks to
+ Bob Denny <rdenny@dc3.com>
+
+17-Nov-97
+ - Quite a few internal cleanups, (removal of errno, and using macros
+ defined in e_os.h).
+ - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
+ the automactic naming out output files was being stuffed up.
+
+29-Oct-97
+ - The Cast5 cipher has been added. MD5 and SHA-1 are now in assember
+ for x86.
+
+21-Oct-97
+ - Fixed a bug in the BIO_gethostbyname() cache.
+
+15-Oct-97
+ - cbc mode for blowfish/des/3des is now in assember. Blowfish asm
+ has also been improved. At this point in time, on the pentium,
+ md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
+ des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
+ is %62 faster.
+
+12-Oct-97
+ - MEM_BUF_grow() has been fixed so that it always sets the buf->length
+ to the value we are 'growing' to. Think of MEM_BUF_grow() as the
+ way to set the length value correctly.
+
+10-Oct-97
+ - I now hash for certificate lookup on the raw DER encoded RDN (md5).
+ This breaks things again :-(. This is efficent since I cache
+ the DER encoding of the RDN.
+ - The text DN now puts in the numeric OID instead of UNKNOWN.
+ - req can now process arbitary OIDs in the config file.
+ - I've been implementing md5 in x86 asm, much faster :-).
+ - Started sha1 in x86 asm, needs more work.
+ - Quite a few speedups in the BN stuff. RSA public operation
+ has been made faster by caching the BN_MONT_CTX structure.
+ The calulating of the Ai where A*Ai === 1 mod m was rather
+ expensive. Basically a 40-50% speedup on public operations.
+ The RSA speedup is now 15% on pentiums and %20 on pentium
+ pro.
+
+30-Sep-97
+ - After doing some profiling, I added x86 adm for bn_add_words(),
+ which just adds 2 arrays of longs together. A %10 speedup
+ for 512 and 1024 bit RSA on the pentium pro.
+
+29-Sep-97
+ - Converted the x86 bignum assembler to us the perl scripts
+ for generation.
+
+23-Sep-97
+ - If SSL_set_session() is passed a NULL session, it now clears the
+ current session-id.
+
+22-Sep-97
+ - Added a '-ss_cert file' to apps/ca.c. This will sign selfsigned
+ certificates.
+ - Bug in crypto/evp/encode.c where by decoding of 65 base64
+ encoded lines, one line at a time (via a memory BIO) would report
+ EOF after the first line was decoded.
+ - Fix in X509_find_by_issuer_and_serial() from
+ Dr Stephen Henson <shenson@bigfoot.com>
+
+19-Sep-97
+ - NO_FP_API and NO_STDIO added.
+ - Put in sh config command. It auto runs Configure with the correct
+ parameters.
+
+18-Sep-97
+ - Fix x509.c so if a DSA cert has different parameters to its parent,
+ they are left in place. Not tested yet.
+
+16-Sep-97
+ - ssl_create_cipher_list() had some bugs, fixes from
+ Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
+ - Fixed a bug in the Base64 BIO, where it would return 1 instead
+ of -1 when end of input was encountered but should retry.
+ Basically a Base64/Memory BIO interaction problem.
+ - Added a HMAC set of functions in preporarion for TLS work.
+
+15-Sep-97
+ - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
+ - Prime generation spead up %25 (512 bit prime, pentium pro linux)
+ by using montgomery multiplication in the prime number test.
+
+11-Sep-97
+ - Ugly bug in ssl3_write_bytes(). Basically if application land
+ does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
+ did not check the size and tried to copy the entire buffer.
+ This would tend to cause memory overwrites since SSLv3 has
+ a maximum packet size of 16k. If your program uses
+ buffers <= 16k, you would probably never see this problem.
+ - Fixed a new errors that were cause by malloc() not returning
+ 0 initialised memory..
+ - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
+ SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
+ since this flags stops SSLeay being able to handle client
+ cert requests correctly.
+
+08-Sep-97
+ - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added. When switched
+ on, the SSL server routines will not use a SSL_SESSION that is
+ held in it's cache. This in intended to be used with the session-id
+ callbacks so that while the session-ids are still stored in the
+ cache, the decision to use them and how to look them up can be
+ done by the callbacks. The are the 'new', 'get' and 'remove'
+ callbacks. This can be used to determine the session-id
+ to use depending on information like which port/host the connection
+ is coming from. Since the are also SSL_SESSION_set_app_data() and
+ SSL_SESSION_get_app_data() functions, the application can hold
+ information against the session-id as well.
+
+03-Sep-97
+ - Added lookup of CRLs to the by_dir method,
+ X509_load_crl_file() also added. Basically it means you can
+ lookup CRLs via the same system used to lookup certificates.
+ - Changed things so that the X509_NAME structure can contain
+ ASN.1 BIT_STRINGS which is required for the unique
+ identifier OID.
+ - Fixed some problems with the auto flushing of the session-id
+ cache. It was not occuring on the server side.
+
+02-Sep-97
+ - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
+ which is the maximum number of entries allowed in the
+ session-id cache. This is enforced with a simple FIFO list.
+ The default size is 20*1024 entries which is rather large :-).
+ The Timeout code is still always operating.
+
+01-Sep-97
+ - Added an argument to all the 'generate private key/prime`
+ callbacks. It is the last parameter so this should not
+ break existing code but it is needed for C++.
+ - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
+ BIO. This lets the BIO read and write base64 encoded data
+ without inserting or looking for '\n' characters. The '-A'
+ flag turns this on when using apps/enc.c.
+ - RSA_NO_PADDING added to help BSAFE functionality. This is a
+ very dangerous thing to use, since RSA private key
+ operations without random padding bytes (as PKCS#1 adds) can
+ be attacked such that the private key can be revealed.
+ - ASN.1 bug and rc2-40-cbc and rc4-40 added by
+ Dr Stephen Henson <shenson@bigfoot.com>
+
+31-Aug-97 (stuff added while I was away)
+ - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
+ - RSA_flags() added allowing bypass of pub/priv match check
+ in ssl/ssl_rsa.c - Tim Hudson.
+ - A few minor bugs.
+
SSLeay 0.8.1 released.
19-Jul-97
Makefile.ssl CC CFLAG EX_LIBS BN_MULW
crypto/des/des.h DES_LONG
crypto/des/des_locl.h DES_PTR
-crypto/md/md2.h MD2_INT
+crypto/md2/md2.h MD2_INT
crypto/rc4/rc4.h RC4_INT
crypto/rc4/rc4_enc.c RC4_INDEX
crypto/rc2/rc2.h RC2_INT
BASENAME=SSLeay
BF_ENC=bf_enc.o
BN_MULW=bn_mulw.o
+CAST_ENC=c_enc.o
CC=cc
CFLAG=-O -DNOPROTO
DES_ENC=des_enc.o fcrypt_b.o
DIRS=crypto ssl rsaref apps test tools
-EDIRS=times doc bugs util include certs ms shlib mt demos
-EX_HEADER=
+EDIRS=times doc bugs util include certs ms shlib mt demos perl dep
+EXHEADER=e_os.h
EX_LIBS=
GENERAL=Makefile
HEADER=e_os.h
MAKEFILE=Makefile.ssl
MAN1=1
MAN3=3
-MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com
-NAME=SSLeay-0.8.1
+MD5_ASM_OBJ=
+MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
+NAME=SSLeay-0.9.0
ONEDIRS=out tmp
PEX_LIBS=-L. -L.. -L../.. -L../../..
-SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+RC4_ENC=rc4_enc.o
+RC5_ENC=rc5_enc.o
+RMD160_ASM_OBJ=
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SHA1_ASM_OBJ=
SHELL=/bin/sh
-TARFILE=SSLeay-0.8.1.tar
+TARFILE=SSLeay-0.9.0.tar
TOP=.
-VERSION=0.8.1
+VERSION=0.9.0
WDIRS=windows
-WTARFILE=SSLeay-0.8.1-win.tar
+WTARFILE=SSLeay-0.9.0-win.tar
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto
-ALL=Makefile README cryptlib.c mem.c cversion.c cryptlib.h date.h crypto.h cryptall.h
+ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h
AR=ar r
CC=cc
CFLAG=-g
CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
DIR=crypto
+ERR=crypto
+ERRC=cpt_err
EXHEADER=crypto.h cryptall.h
EX_LIBS=
GENERAL=Makefile README
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../libcrypto.a
-LIBOBJ=cryptlib.o mem.o cversion.o
+LIBOBJ=cryptlib.o mem.o cversion.o ex_data.o cpt_err.o
LIBS=
-LIBSRC=cryptlib.c mem.c cversion.c
+LIBSRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
PEX_LIBS=
RM=/bin/rm -f
-SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
-SRC=cryptlib.c mem.c cversion.c
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
+SRC=cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
TOP=..
RELATIVE_DIRECTORY=
-RELATIVE_DIRECTORY=crypto/md
-ALL=Makefile md2_dgst.c md5_dgst.c md2_one.c md5_one.c md5_locl.h md2.h md5.h
+RELATIVE_DIRECTORY=crypto/md2
+ALL=Makefile md2_dgst.c md5_one.c md2.h
APPS=
AR=ar r
CC=cc
CFLAG=-g
CFLAGS= -g
DIR=md
-EXHEADER=md2.h md5.h
+EXHEADER=md2.h
GENERAL=Makefile
-HEADER=md5_locl.h md2.h md5.h
+HEADER=md2.h
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
-LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+LIBOBJ=md2_dgst.o md2_one.o
+LIBSRC=md2_dgst.c md5_one.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
-TEST=md2test.c md5test.c
+SRC=md2_dgst.c md5_one.c
+TEST=md2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/md5
+ALL=Makefile md5_dgst.c md5_one.c md5_locl.h md5.h
+APPS=md5.c
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=md5
+EXHEADER=md5.h
+GENERAL=Makefile
+HEADER=md5_locl.h md5.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md5_dgst.o md5_one.o
+LIBSRC=md5_dgst.c md5_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+MD5_ASM_OBJ=
+SRC=md5_dgst.c md5_one.c
+TEST=md5test.c
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/sha
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
+SHA1_ASM_OBJ=
SRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
TEST=shatest.c sha1test.c
TOP=../..
TEST=mdc2test.c
TOP=../..
RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/hmac
+ALL=Makefile hmac.c hmac.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=hmac
+EXHEADER=hmac.h
+GENERAL=Makefile
+HEADER=hmac.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=hmac.o
+LIBSRC=hmac.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=hmac.c
+TEST=hmactest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/ripemd
+ALL=Makefile rmd_dgst.c rmd_one.c rmd_locl.h rmdconst.h ripemd.h
+APPS=rmd160.c
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=ripemd
+EXHEADER=ripemd.h
+GENERAL=Makefile
+HEADER=rmd_locl.h rmdconst.h ripemd.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rmd_dgst.o rmd_one.o
+LIBSRC=rmd_dgst.c rmd_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+RIP_ASM_OBJ=
+SRC=rmd_dgst.c rmd_one.c
+TEST=rmdtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/des
-ALL=Makefile des.org des_locl.org cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+ALL=Makefile des.org des_locl.org cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
APPS=
AR=ar r
CC=cc
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
-LIBSRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+LIBOBJ=set_key.o ecb_enc.o cbc_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+LIBSRC=cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+SRC=cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
TEST=destest.c
TOP=../..
RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc2
+ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc2
+EXHEADER=rc2.h
+GENERAL=Makefile
+HEADER=rc2_locl.h rc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+TEST=rc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/rc4
-ALL=Makefile rc4_enc.c rc4.h
+ALL=Makefile rc4_skey.c rc4_enc.c rc4.h rc4_locl.h
APPS=
AR=ar r
CC=cc
DIR=rc4
EXHEADER=rc4.h
GENERAL=Makefile
-HEADER=rc4.h
+HEADER=rc4.h rc4_locl.h
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=rc4_enc.o
-LIBSRC=rc4_enc.c
+LIBOBJ=rc4_skey.o rc4_enc.o
+LIBSRC=rc4_skey.c rc4_enc.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=rc4_enc.c
+RC4_ENC=rc4_enc.o
+SRC=rc4_skey.c rc4_enc.c
TEST=rc4test.c
TOP=../..
RELATIVE_DIRECTORY=
-RELATIVE_DIRECTORY=crypto/rc2
-ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+RELATIVE_DIRECTORY=crypto/rc5
+ALL=Makefile rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c rc5_locl.h rc5.h
APPS=
AR=ar r
CC=cc
CFLAG=-g
CFLAGS= -g
-DIR=rc2
-EXHEADER=rc2.h
+CPP=cc -E
+DIR=rc5
+EXHEADER=rc5.h
GENERAL=Makefile
-HEADER=rc2_locl.h rc2.h
+HEADER=rc5_locl.h rc5.h
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc5_skey.o rc5_ecb.o rc5_enc.o rc5cfb64.o rc5ofb64.o
+LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-TEST=rc2test.c
+RC5_ENC=rc5_enc.o
+SRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c
+TEST=rc5test.c
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/idea
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/bf
-ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
+ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
APPS=
AR=ar r
BF_ENC=bf_enc.o
INCLUDES=
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cbc.o bf_cfb64.o bf_ofb64.o
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
TEST=bftest.c
TOP=../..
RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/cast
+ALL=Makefile c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c cast_s.h cast_lcl.h cast.h
+APPS=
+AR=ar r
+CAST_ENC=c_enc.o
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=cast
+EXHEADER=cast.h
+GENERAL=Makefile
+HEADER=cast_s.h cast_lcl.h cast.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=c_skey.o c_ecb.o c_enc.o c_cfb64.o c_ofb64.o
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+TEST=casttest.c
+TOP=../..
+RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/bn
-ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_lcl.h bn_prime.h bn.h
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c bn_lcl.h bn_prime.h bn.h
APPS=
AR=ar r
BN_MULW=bn_mulw.o
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o
-LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_blind.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o bn_mpi.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_mpi.c
TEST=bntest.c exptest.c
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/rsa
-ALL=Makefile rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa.h
+ALL=Makefile rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c rsa.h
APPS=
AR=ar r
CC=cc
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o
-LIBSRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+LIBOBJ=rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o rsa_pk1.o rsa_ssl.o rsa_none.o
+LIBSRC=rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+SRC=rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c rsa_none.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/bio
-ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
APPS=
AR=ar r
CC=cc
DIR=bio
ERR=bio
ERRC=bio_err
-EXHEADER=bio.h
+EXHEADER=bio.h bss_file.c
GENERAL=Makefile
-HEADER=bio.h
+HEADER=bio.h bss_file.c
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
CC=cc
CFLAG=-g
CFLAGS=-I.. -I../../include -g
-DIR=error
+DIR=err
EXHEADER=err.h
GENERAL=Makefile
HEADER=err.h
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/evp
-ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp.h
+ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c evp.h
APPS=
AR=ar r
CC=cc
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o
-LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o e_ecb_c.o e_cbc_c.o e_cfb_c.o e_ofb_c.o e_ecb_r5.o e_cbc_r5.o e_cfb_r5.o e_ofb_r5.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o m_ripemd.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o evp_lib.o
+LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c m_ripemd.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp_lib.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=crypto/asn1
-ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c asn1.h asn1_mac.h
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c asn1.h asn1_mac.h
APPS=
AR=ar r
CC=cc
INCLUDES=-I.. -I../../include
INSTALLTOP=/usr/local/ssl
LIB=../../libcrypto.a
-LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o
-LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o evp_asn1.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c evp_asn1.c
TEST=
TOP=../..
RELATIVE_DIRECTORY=
TOP=../..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=ssl
-ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
APPS=
AR=ar r
CC=cc
DIR=ssl
ERR=ssl
ERRC=ssl_err
-EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h
+EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h
GENERAL=Makefile README
-HEADER=ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
INCLUDES=-I../crypto -I../include
INSTALLTOP=/usr/local/ssl
LIB=../libssl.a
-LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
-LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
MAKE=make -f Makefile.ssl
MAKEDEPEND=makedepend -f Makefile.ssl
MAKEFILE=Makefile.ssl
-SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
TEST=ssltest.c
TOP=..
RELATIVE_DIRECTORY=
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=apps
-ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
A_OBJ=apps.o
A_SRC=apps.c
CC=cc
EXE=ssleay
EXHEADER=
EX_LIBS=
-E_EXE=verify asn1pars req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
-E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o gendsa.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
-E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
GENERAL=Makefile
HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h
INCLUDES=-I../include
PROGS=ssleay.c
RM=/bin/rm -f
SCRIPTS=CA.sh der_chop
-SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
SSLEAY=ssleay
S_OBJ=s_cb.o s_socket.o
S_SRC=s_cb.c s_socket.c
TOP=..
RELATIVE_DIRECTORY=
RELATIVE_DIRECTORY=test
-ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c hmactest.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c
BFTEST=bftest
BNTEST=bntest
+CASTTEST=casttest
CC=cc
CFLAG=-g
CFLAGS=-I../include -g
DLIBCRYPTO=../libcrypto.a
DLIBSSL=../libssl.a
DSATEST=dsatest
-EXE=bntest ideatest md2test md5test rc4test destest shatest sha1test mdc2test randtest dhtest rc2test bftest ssltest exptest dsatest
+EXE=bntest ideatest md2test md5test hmactest rc2test rc4test rc5test destest shatest sha1test mdc2test rmdtest randtest dhtest bftest casttest ssltest exptest dsatest
EXHEADER=
EXPTEST=exptest
-EX_LIBS=-lnsl -lsocket
+EX_LIBS=
GENERAL=Makefile.ssl
HEADER=
+HMACTEST=hmactest
IDEATEST=ideatest
INCLUDES=-I../include
INSTALLTOP=/usr/local/ssl
MD5TEST=md5test
MDC2TEST=mdc2test
METHTEST=methtest
-OBJ=bntest.o ideatest.o md2test.o md5test.o rc4test.o destest.o shatest.o sha1test.o mdc2test.o randtest.o dhtest.o rc2test.o bftest.o ssltest.o dsatest.o exptest.o
+OBJ=bntest.o ideatest.o md2test.o md5test.o hmactest.o rc2test.o rc4test.o rc5test.o destest.o shatest.o sha1test.o mdc2test.o rmdtest.o randtest.o dhtest.o casttest.o bftest.o ssltest.o dsatest.o exptest.o
PEX_LIBS=
RANDTEST=randtest
RC2TEST=rc2test
RC4TEST=rc4test
+RC5TEST=rc5test
+RMDTEST=rmdtest
SHA1TEST=sha1test
SHATEST=shatest
-SRC=bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+SRC=bntest.c ideatest.c md2test.c md5test.c hmactest.c rc2test.c rc4test.c rc5test.c destest.c shatest.c sha1test.c mdc2test.c rmdtest.c randtest.c dhtest.c casttest.c bftest.c ssltest.c dsatest.c exptest.c
SSLTEST=ssltest
TOP=..
RELATIVE_DIRECTORY=
#
# Makefile for all the SSL related library routines and utilities
-VERSION = 0.8.1a
+VERSION = 0.9.0a
#
# make install will install:
# libraries into $INSTALLTOP/lib
#
# If you must get hold of people directly (we much prefer the above
# lists to be used if the question is of general interest!):
-# Eric Young <eay@cryptsoft.com>
-# Tim Hudson <tjh@cryptsoft.com>
-# or both <ssleay@cryptsoft.com>
+# Eric Young <eay@cryptsoft.com>
+# Tim Hudson <tjh@cryptsoft.com>
+# or both <ssleay@cryptsoft.com>
#
# The primary distribution of SSLeay is from
# ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
# NO_RC4 - Define to build without the RC4 algorithm
# NO_RC2 - Define to build without the RC2 algorithm
# THREADS - Define when building with threads, you will probably also need any
-# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-# one. 32 bytes will be read from this when the random
-# number generator is initalised.
+# one. 32 bytes will be read from this when the random
+# number generator is initalised.
# SSL_ALLOW_ADH - define if you want the server to be able to use the
-# SSLv3 anon-DH ciphers.
+# SSLv3 anon-DH ciphers.
# SSL_ALLOW_ENULL - define if you want the server to be able to use the
-# NULL encryption ciphers.
+# NULL encryption ciphers.
#
# LOCK_DEBUG - turns on lots of lock debug output :-)
# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
# MFUNC - Make all Malloc/Free/Realloc calls call
-# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-# call application defined callbacks via CRYPTO_set_mem_functions()
+# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+# call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
CC= cc
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
CFLAG= -O -DNOPROTO
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
PEX_LIBS= -L. -L.. -L../.. -L../../..
EX_LIBS=
-#EX_LIBS= #-lRSAglue -lrsaref -lnsl -lsocket
AR=ar r
# Set BN_MULW to bn_mulw.o if you want to use the C version
-#BN_MULW= asm/x86-lnx.o
BN_MULW= bn_mulw.o
-#BN_MULW= asm/x86-lnx.o # elf
-#BN_MULW= asm/x86-sol.o # solaris
-#BN_MULW= asm/x86-lnxa.o # a.out, FreeBSD
-#BN_MULW= asm/x86-bsdi.o # bsdi
-#BN_MULW= asm/alpha.o # DEC Alpha
-#BN_MULW= asm/pa-risc2.o # HP-UX PA-RISC
-#BN_MULW= asm/r3000.o # SGI MIPS cpu
-#BN_MULW= asm/sparc.o # Sun solaris/SunOS
-#BN_MULW= asm/x86nt32.o # Windows 95/NT
-#BN_MULW= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
-#BN_MULW= asm/x86w32.o # 32 bit code for Windows 3.1
+#BN_MULW= bn_mulw.o
+#BN_MULW= asm/bn86-elf.o # elf, linux-elf
+#BN_MULW= asm/bn86-sol.o # solaris
+#BN_MULW= asm/bn86-out.o # a.out, FreeBSD
+#BN_MULW= asm/bn86bsdi.o # bsdi
+#BN_MULW= asm/alpha.o # DEC Alpha
+#BN_MULW= asm/pa-risc2.o # HP-UX PA-RISC
+#BN_MULW= asm/r3000.o # SGI MIPS cpu
+#BN_MULW= asm/sparc.o # Sun solaris/SunOS
+#BN_MULW= asm/bn-win32.o # Windows 95/NT
+#BN_MULW= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
+#BN_MULW= asm/x86w32.o # 32 bit code for Windows 3.1
# Set DES_ENC to des_enc.o if you want to use the C version
#There are 4 x86 assember options.
DES_ENC= des_enc.o fcrypt_b.o
-#DES_ENC= des_enc.o fcrypt_b.o # C
-#DES_ENC= asm/dx86-elf.o asm/cx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/cx86-sol.o # solaris
-#DES_ENC= asm/dx86-out.o asm/cx86-out.o # a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/cx86bsdi.o # bsdi
+#DES_ENC= des_enc.o fcrypt_b.o # C
+#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
+#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
+#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
+#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
# Set BF_ENC to bf_enc.o if you want to use the C version
#There are 4 x86 assember options.
BF_ENC= bf_enc.o
-#BF_ENC= bf_enc.o # C
+#BF_ENC= bf_enc.o
#BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o # solaris
-#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o # bsdi
+#BF_ENC= asm/bx86-sol.o # solaris
+#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
+#BF_ENC= asm/bx86bsdi.o # bsdi
-DIRS= crypto ssl rsaref apps test tools
+# Set CAST_ENC to c_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+CAST_ENC= c_enc.o
+#CAST_ENC= c_enc.o
+#CAST_ENC= asm/cx86-elf.o # elf
+#CAST_ENC= asm/cx86-sol.o # solaris
+#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
+#CAST_ENC= asm/cx86bsdi.o # bsdi
+
+# Set RC4_ENC to rc4_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+RC4_ENC= rc4_enc.o
+#RC4_ENC= rc4_enc.o
+#RC4_ENC= asm/rx86-elf.o # elf
+#RC4_ENC= asm/rx86-sol.o # solaris
+#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
+#RC4_ENC= asm/rx86bsdi.o # bsdi
+
+# Set RC5_ENC to rc5_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+RC5_ENC= rc5_enc.o
+#RC5_ENC= rc5_enc.o
+#RC5_ENC= asm/r586-elf.o # elf
+#RC5_ENC= asm/r586-sol.o # solaris
+#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
+#RC5_ENC= asm/r586bsdi.o # bsdi
+
+# Also need MD5_ASM defined
+MD5_ASM_OBJ=
+#MD5_ASM_OBJ= asm/mx86-elf.o # elf
+#MD5_ASM_OBJ= asm/mx86-sol.o # solaris
+#MD5_ASM_OBJ= asm/mx86-out.o # a.out, FreeBSD
+#MD5_ASM_OBJ= asm/mx86bsdi.o # bsdi
+
+# Also need SHA1_ASM defined
+SHA1_ASM_OBJ=
+#SHA1_ASM_OBJ= asm/sx86-elf.o # elf
+#SHA1_ASM_OBJ= asm/sx86-sol.o # solaris
+#SHA1_ASM_OBJ= asm/sx86-out.o # a.out, FreeBSD
+#SHA1_ASM_OBJ= asm/sx86bsdi.o # bsdi
+
+# Also need RMD160_ASM defined
+RMD160_ASM_OBJ=
+#RMD160_ASM_OBJ= asm/rm86-elf.o # elf
+#RMD160_ASM_OBJ= asm/rm86-sol.o # solaris
+#RMD160_ASM_OBJ= asm/rm86-out.o # a.out, FreeBSD
+#RMD160_ASM_OBJ= asm/rm86bsdi.o # bsdi
+
+DIRS= crypto ssl rsaref apps test tools
# dirs in crypto to build
SDIRS= \
- md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh \
+ md2 md5 sha mdc2 hmac ripemd \
+ des rc2 rc4 rc5 idea bf cast \
+ bn rsa dsa dh \
buffer bio stack lhash rand err objects \
evp pem asn1 x509 conf txt_db pkcs7
INSTALLTOP=/usr/local/ssl
MAKEFILE= Makefile.ssl
-MAKE= make -f Makefile.ssl
+MAKE= make -f Makefile.ssl
MAN1=1
MAN3=3
SHELL=/bin/sh
-TOP= .
+TOP= .
ONEDIRS=out tmp
-EDIRS= times doc bugs util include certs ms shlib mt demos
-MISC= COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
- README TODO HISTORY README.066 README.080 \
+EDIRS= times doc bugs util include certs ms shlib mt demos perl dep
+MISC= COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+ README TODO HISTORY README.066 README.080 README.090 \
VERSION PROBLEMS MINFO makefile.one e_os.h \
- MICROSOFT makevms.com
-WDIRS= windows
-LIBS= libcrypto.a libssl.a
-
-GENERAL= Makefile
-BASENAME= SSLeay
-NAME= $(BASENAME)-$(VERSION)
-TARFILE= $(NAME).tar
-WTARFILE= $(NAME)-win.tar
-EX_HEADER=
-HEADER= e_os.h
+ MICROSOFT makevms.com config PATENTS
+WDIRS= windows
+LIBS= libcrypto.a libssl.a
+
+GENERAL= Makefile
+BASENAME= SSLeay
+NAME= $(BASENAME)-$(VERSION)
+TARFILE= $(NAME).tar
+WTARFILE= $(NAME)-win.tar
+EXHEADER= e_os.h
+HEADER= e_os.h
all:
@for i in $(DIRS) ;\
do \
(cd $$i; echo "making $$i..."; \
- $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ); \
done;
sub_all:
@for i in $(DIRS) ;\
do \
(cd $$i; echo "making $$i..."; \
- $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ); \
done;
clean:
- /bin/rm -f *.o core a.out fluff *.map
+ /bin/rm -f shlib/*.o *.o core a.out fluff *.map
@for i in $(DIRS) ;\
do \
(cd $$i; echo "cleaning $$i..."; \
/bin/rm -f $(TARFILE)
@for i in $(ONEDIRS) ;\
do \
- /bin/rm -f $$i/*; \
+ /bin/rm -fr $$i/*; \
done
makefile.one: files
perl util/mk1mf.pl >makefile.one; \
sh util/do_ms.sh
-files: MINFO
+files: MINFO
perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
@for i in $(DIRS) ;\
do \
links:
/bin/rm -f Makefile;
./util/point.sh Makefile.ssl Makefile;
+ $(TOP)/util/mklink.sh include $(EXHEADER) ;
@for i in $(DIRS) ;\
do \
(cd $$i; echo "making links in $$i..."; \
$(MAKE) SDIRS='${SDIRS}' links ); \
done;
# @(cd apps; sh ./mklinks)
- sh tools/c_rehash certs
+ @( SSLEAY="`pwd`/apps/ssleay"; export SSLEAY; sh tools/c_rehash certs )
dclean:
/bin/rm -f *.bak
rehash:
@(PATH="`pwd`/apps:${PATH}"; sh tools/c_rehash certs)
-test: tests
+test: tests
tests:
(cd test; echo "testing $$i..."; \
- $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' tests );
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
@apps/ssleay version -a
depend:
mv $(NAME) $(BASENAME) )
gzip -f $(TARFILE)
-dist:
+dist:
perl Configure dist
+ perl util/up_ver.pl ${VERSION}
@$(MAKE) dist_pem_h
@$(MAKE) SDIRS='${SDIRS}' clean
@$(MAKE) SDIRS='${SDIRS}' dclean
done
@for i in $(LIBS) ;\
do \
- ( echo installing $$i; \
+ ( echo installing $$i; \
cp $$i $(INSTALLTOP)/lib; \
sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
chmod 644 $(INSTALLTOP)/lib/$$i ); \
--- /dev/null
+RSA Data Security holds software patents on the RSA and RC5 algorithms.
+If there ciphers are used used inside the USA (and Japan?), you must contact
+RSA Data Security for licencing conditions.
+
+The IDEA algorithm is patented by XXXX and they should be contacted if that
+algorithm is to be used.
+
+RC4 is a trademark of RSA Data Security, so use of this label should perhaps
+only me used with RSA Data Security's permission.
- SSLeay 0.8.1b 29-Jun-1998
+ SSLeay 0.9.0b 29-Jun-1998
Copyright (c) 1997, Eric Young
All rights reserved.
--- /dev/null
+10-Apr-1998
+I said the next version would go out at easter, and so it shall.
+I expect a 0.9.1 will follow with portability fixes in the next few weeks.
+
+This is a quick, meet the deadline. Look to ssl-users for comments on what
+is new etc.
+
+The state of play
+- TLSv1 - I need to do some explaining about how the methods interact.
+ The bad news is that SSLeay 0.8.x application will not roll back to
+ SSLv3, I suffed up. 0.8.x is rather pedantic about the '3.0' version
+ number. Look at the 'no-tls' options in applications in the apps directory.
+- The perl5 stuff is very rough. The SSL part does not work due to
+ reference count hassles in the BIO stuff. I just have not had time to
+ look at it. The cipher, digest and bignum stuff works though. I just
+ need to clean up the API.
+- Lots of x86 assember. I now have it for des, 3des, rc4, rc5, blowfish,
+ cast, md5, sha1 and ripemd160. It has been tested on win32, linux (elf)
+ and FreeBSD (a.out).
+- As mentioned above, cast, rc5 and ripemd160 have been added.
+- A simple HMAC set of functions.
+- EX_DATA strucutre, which can be used by applications or other libraries
+ to tack arbitarty data against strucutures that include it.
+ You will probably have to see examples to see how to use it, and I will
+ elaberate on the ssl-users mailing list
+- RSA blinding. If you fear timing attacks on RSA, you can turn on
+ blinding which defeats it.
+- From Tim Hudson, try running 'sh config' instead of 'perl Configure'.
+ I makes an educated guess as to what you are and then runs 'perl Configure'
+- The error stuff has been modified so arbitary strings can be taged
+ against an error message. It is used in a few places to elaberate on
+ parameters that caused the error.
+
+Areas of work
+- The 16bit big-num assember needs a routine added. The WIN16 and
+ WIN32 stuff is ok, but MS-DOS or 286 builds need the update.
+- Most of the bignum assember will not work. There will be a function
+ missing, bn_add_words(). I need people to send me the C compiler output
+ for platforms I don't already have. Currently, the assember is correct for
+ x86, win32, win16(386+), linux elf, FreeBSD a.out and sparc.
+- PKCS7, I have delusions of s/MIME. I need to do a BIO interface.
+- perl5, it needs finishing
+- X509v3 extension. I have some ideas, I just need to
+ implement them :-)
+- Public key methods. I need to clean up the library internally so
+ public key methods are loaded is a similar way to symetric ciphers
+ and digests. I also need to seperate out the digests from public
+ key methods. This stuff is needed to support sortware patents, smaller
+ code size and hardware tokens.
+
+Anyway, this release gets out the bug fixes and TLS, but be warned, until
+all those old SSLeay 0.8.x based server get upgraded, you will need to
+connect with SSLv3 if TLSv1 fails.
+
+eric (about to go bushwalking for the 4 day easter break :-)
+
+PS Common problems
+- For Win32 build, use /MD to specify your libraries, or build SSLeay with
+ the same flags as your application. Visual C stuffs up the malloc routines
+ if memory allocated by one memory model is freed by another. FILE pointers
+ are a major cause of these problem.
+- If you are trying to use non-blocking IO and it is not working,
+ try 'ssleay s_client -help' and see if the -nbio option is listed.
+ For unixware, it has the non-block IO define in 'differnt' header file
+ and SSLeay will silently build without non-blocking IO calls (but for
+ unixware, the special header has been included).
+- -DL_ENDIAN. For the message digests, some code needs to be turned off
+ in the C code when assember is used. For x86, this means the L_ENDIAN
+ needs to defined when x86 -DSHA1_ASM is defined. The reasons this is
+ not automagically done is because non-x86 assember could be bigendian.
+ For pure C code builds, the B_ENDIAN/L_ENDIAN flags are optional.
EXE= $(SSLEAY)
-E_EXE= verify asn1pars req dgst dh enc gendh gendsa errstr ca crl \
+E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \
rsa dsa dsaparam \
x509 genrsa s_server s_client speed \
s_time version pkcs7 crl2pkcs7 sess_id ciphers
S_SRC= s_cb.c s_socket.c
E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
- gendsa.o pkcs7.o crl2p7.o crl.o \
+ pkcs7.o crl2p7.o crl.o \
rsa.o dsa.o dsaparam.o \
x509.o genrsa.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
# pem_mail.o
E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
- gendsa.c pkcs7.c crl2p7.c crl.c \
+ pkcs7.c crl2p7.c crl.c \
rsa.c dsa.c dsaparam.c \
x509.c genrsa.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
/* apps/apps.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#include "apps.h"
#undef NON_MAIN
-#ifdef WIN16
-#define APPS_WIN16
-#ifdef FLAT_BUILD
-#include "bss_file.c"
-#else
-#include "../crypto/bio/bss_file.c"
-#endif
+#ifdef WINDOWS
+# include "bss_file.c"
#endif
#ifndef NOPROTO
/* apps/apps.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#ifndef HEADER_APPS_H
#define HEADER_APPS_H
-#ifdef FLAT_INC
#include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
#include "buffer.h"
#include "bio.h"
#include "crypto.h"
#include "progs.h"
-#ifdef WIN16
+#ifdef NO_STDIO
BIO_METHOD *BIO_s_file();
#endif
/* apps/asn1pars.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* -i - indent the details by depth
* -offset - where in the file to start
* -length - how many bytes to use
+ * -oid file - extra oid decription file
*/
#undef PROG
long num;
BIO *in=NULL,*out=NULL,*b64=NULL;
int informat,indent=0;
- char *infile,*str=NULL,*prog;
+ char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
BUF_MEM *buf=NULL;
- infile=NULL;
informat=FORMAT_PEM;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
prog=argv[0];
argc--;
{
indent=1;
}
+ else if (strcmp(*argv,"-oid") == 0)
+ {
+ if (--argc < 1) goto bad;
+ oidfile= *(++argv);
+ }
else if (strcmp(*argv,"-offset") == 0)
{
if (--argc < 1) goto bad;
BIO_printf(bio_err," -offset arg offset into file\n");
BIO_printf(bio_err," -length arg lenth of section in file\n");
BIO_printf(bio_err," -i indent entries\n");
+ BIO_printf(bio_err," -oid file file of extra oid definitions\n");
goto end;
}
ERR_print_errors(bio_err);
goto end;
}
- BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ if (oidfile != NULL)
+ {
+ if (BIO_read_filename(in,oidfile) <= 0)
+ {
+ BIO_printf(bio_err,"problems opening %s\n",oidfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ OBJ_create_objects(in);
+ }
+
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
if (ret != 0)
ERR_print_errors(bio_err);
if (buf != NULL) BUF_MEM_free(buf);
+ OBJ_cleanup();
EXIT(ret);
}
/* apps/ca.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#define ENV_PRIVATE_KEY "private_key"
#define ENV_RANDFILE "RANDFILE"
#define ENV_DEFAULT_DAYS "default_days"
+#define ENV_DEFAULT_STARTDATE "default_startdate"
#define ENV_DEFAULT_CRL_DAYS "default_crl_days"
#define ENV_DEFAULT_CRL_HOURS "default_crl_hours"
#define ENV_DEFAULT_MD "default_md"
" -outdir dir - Where to put output certificates\n",
" -infiles .... - The last argument, requests to process\n",
" -spkac file - File contains DN and signed public key and challenge\n",
+" -ss_cert file - File contains a self signed cert to sign\n",
" -preserveDN - Don't re-order the DN\n",
" -batch - Don't ask questions\n",
" -msie_hack - msie modifications to handle all thos universal strings\n",
static BIGNUM *load_serial(char *serialfile);
static int save_serial(char *serialfile, BIGNUM *serial);
static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
- EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
- int batch, STACK *extensions,int verbose);
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+ int days, int batch, STACK *extensions,int verbose);
+static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+ int days,int batch,STACK *extensions,int verbose);
static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
- EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
- STACK *extensions,int verbose);
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+ int days,STACK *extensions,int verbose);
static int fix_data(int nid, int *type);
static void write_new_certificate(BIO *bp, X509 *x, int output_der);
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, EVP_MD *dgst,
- STACK *policy, TXT_DB *db, BIGNUM *serial, int days, int batch,
- int verbose, X509_REQ *req, STACK *extensions);
+ STACK *policy, TXT_DB *db, BIGNUM *serial, char *startdate,
+ int days, int batch, int verbose, X509_REQ *req, STACK *extensions);
static int check_time_format(char *str);
#else
static STACK *load_extensions();
static BIGNUM *load_serial();
static int save_serial();
static int certify();
+static int certify_cert();
static int certify_spkac();
static void write_new_certificate();
static int do_body();
char *certfile=NULL;
char *infile=NULL;
char *spkac_file=NULL;
+ char *ss_cert_file=NULL;
EVP_PKEY *pkey=NULL;
int output_der = 0;
char *outfile=NULL;
char *serialfile=NULL;
char *extensions=NULL;
BIGNUM *serial=NULL;
+ char *startdate=NULL;
int days=0;
int batch=0;
X509 *x509=NULL;
preserve=0;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
argc--;
argv++;
if (--argc < 1) goto bad;
section= *(++argv);
}
+ else if (strcmp(*argv,"-startdate") == 0)
+ {
+ if (--argc < 1) goto bad;
+ startdate= *(++argv);
+ }
else if (strcmp(*argv,"-days") == 0)
{
if (--argc < 1) goto bad;
req=1;
break;
}
+ else if (strcmp(*argv, "-ss_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ ss_cert_file = *(++argv);
+ req=1;
+ }
else if (strcmp(*argv, "-spkac") == 0)
{
if (--argc < 1) goto bad;
}
if (verbose)
{
- BIO_set_fp(out,stdout,BIO_NOCLOSE); /* cannot fail */
+ BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
TXT_DB_write(out,db);
BIO_printf(bio_err,"%d entries loaded from the database\n",
db->data->num);
}
}
else
- BIO_set_fp(Sout,stdout,BIO_NOCLOSE);
+ BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
}
if (req)
goto err;
}
+ if (startdate == NULL)
+ {
+ startdate=(char *)CONF_get_string(conf,section,
+ ENV_DEFAULT_STARTDATE);
+ if (startdate == NULL)
+ startdate="today";
+ else
+ {
+ if (!ASN1_UTCTIME_set_string(NULL,startdate))
+ {
+ BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSS\n");
+ goto err;
+ }
+ }
+ }
+
if (days == 0)
{
days=(int)CONF_get_number(conf,section,
{
total++;
j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
- serial,days,extensions_sk,verbose);
+ serial,startdate,days,extensions_sk,verbose);
if (j < 0) goto err;
if (j > 0)
{
}
}
}
+ if (ss_cert_file != NULL)
+ {
+ total++;
+ j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
+ db,serial,startdate,days,batch,
+ extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ }
if (infile != NULL)
{
total++;
j=certify(&x,infile,pkey,x509,dgst,attribs,db,
- serial,days,batch,extensions_sk,verbose);
+ serial,startdate,days,batch,
+ extensions_sk,verbose);
if (j < 0) goto err;
if (j > 0)
{
{
total++;
j=certify(&x,argv[i],pkey,x509,dgst,attribs,db,
- serial,days,batch,extensions_sk,verbose);
+ serial,startdate,days,batch,
+ extensions_sk,verbose);
if (j < 0) goto err;
if (j > 0)
{
{
for (k=0; k<j; k++)
{
- sprintf((char *)n,"%02X",*(p++));
+ sprintf((char *)n,"%02X",(unsigned char)*(p++));
n+=2;
}
}
if (ci->issuer == NULL) goto err;
X509_gmtime_adj(ci->lastUpdate,0);
+ if (ci->nextUpdate == NULL)
+ ci->nextUpdate=ASN1_UTCTIME_new();
X509_gmtime_adj(ci->nextUpdate,(crldays*24+crlhours)*60*60);
for (i=0; i<sk_num(db->data); i++)
return(ret);
}
-static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,days,
+static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,days,
batch,extensions,verbose)
X509 **xret;
char *infile;
STACK *policy;
TXT_DB *db;
BIGNUM *serial;
+char *startdate;
int days;
int batch;
STACK *extensions;
BIO_printf(bio_err,"Check that the request matches the signature\n");
- if ( (req->req_info == NULL) ||
- (req->req_info->pubkey == NULL) ||
- (req->req_info->pubkey->public_key == NULL) ||
- (req->req_info->pubkey->public_key->data == NULL))
- {
- BIO_printf(bio_err,"The certificate request appears to corrupted\n");
- BIO_printf(bio_err,"It does not contain a public key\n");
- goto err;
- }
if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
{
BIO_printf(bio_err,"error unpacking public key\n");
else
BIO_printf(bio_err,"Signature ok\n");
- ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
- extensions);
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+ days,batch,verbose,req,extensions);
err:
if (req != NULL) X509_REQ_free(req);
return(ok);
}
-static int do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
- extensions)
+static int certify_cert(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,
+ days, batch,extensions,verbose)
X509 **xret;
+char *infile;
EVP_PKEY *pkey;
X509 *x509;
EVP_MD *dgst;
STACK *policy;
TXT_DB *db;
BIGNUM *serial;
+char *startdate;
+int days;
+int batch;
+STACK *extensions;
+int verbose;
+ {
+ X509 *req=NULL;
+ X509_REQ *rreq=NULL;
+ BIO *in=NULL;
+ EVP_PKEY *pktmp=NULL;
+ int ok= -1,i;
+
+ in=BIO_new(BIO_s_file());
+
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto err;
+ }
+ if ((req=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"Error reading self signed certificate in %s\n",infile);
+ goto err;
+ }
+ if (verbose)
+ X509_print(bio_err,req);
+
+ BIO_printf(bio_err,"Check that the request matches the signature\n");
+
+ if ((pktmp=X509_get_pubkey(req)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking public key\n");
+ goto err;
+ }
+ i=X509_verify(req,pktmp);
+ if (i < 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature verification problems....\n");
+ goto err;
+ }
+ if (i == 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ goto err;
+ }
+ else
+ BIO_printf(bio_err,"Signature ok\n");
+
+ if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
+ goto err;
+
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+ batch,verbose,rreq,extensions);
+
+err:
+ if (rreq != NULL) X509_REQ_free(rreq);
+ if (req != NULL) X509_free(req);
+ if (in != NULL) BIO_free(in);
+ return(ok);
+ }
+
+static int do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+ batch,verbose,req, extensions)
+X509 **xret;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
int days;
int batch;
int verbose;
STACK *extensions;
{
X509_NAME *name=NULL,*CAname=NULL,*subject=NULL;
- ASN1_UTCTIME *tm;
+ ASN1_UTCTIME *tm,*tmptm;
ASN1_STRING *str,*str2;
ASN1_OBJECT *obj;
X509 *ret=NULL;
char *row[DB_NUMBER],**rrow,**irow=NULL;
char buf[25],*pbuf;
+ tmptm=ASN1_UTCTIME_new();
+ if (tmptm == NULL)
+ {
+ BIO_printf(bio_err,"malloc error\n");
+ return(0);
+ }
+
for (i=0; i<DB_NUMBER; i++)
row[i]=NULL;
goto err;
BIO_printf(bio_err,"Certificate is to be certified until ");
- X509_gmtime_adj(X509_get_notBefore(ret),0);
- X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+ if (strcmp(startdate,"today") == 0)
+ {
+ X509_gmtime_adj(X509_get_notBefore(ret),0);
+ X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+ }
+ else
+ {
+ /*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX*/
+ ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);
+ }
ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
BIO_printf(bio_err," (%d days)\n",days);
BIO_puts(bp,"\n");
}
-static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,days,
- extensions,verbose)
+static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,
+ startdate,days,extensions,verbose)
X509 **xret;
char *infile;
EVP_PKEY *pkey;
STACK *policy;
TXT_DB *db;
BIGNUM *serial;
+char *startdate;
int days;
STACK *extensions;
int verbose;
BIO_printf(bio_err,"Signature ok\n");
X509_REQ_set_pubkey(req,pktmp);
- ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,1,verbose,req,
- extensions);
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+ days,1,verbose,req,extensions);
err:
if (req != NULL) X509_REQ_free(req);
if (parms != NULL) CONF_free(parms);
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
+VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
+Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
+YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
+DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
+tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
+sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
+19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
+-----END CERTIFICATE-----
/* apps/ciphers.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
#define APPS_WIN16
#endif
#include "apps.h"
/* apps/crl.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
BIO *out=NULL;
int informat,outformat;
char *infile=NULL,*outfile=NULL;
- char *str=NULL;
int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0;
char **pp,buf[256];
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if (bio_out == NULL)
if ((bio_out=BIO_new(BIO_s_file())) != NULL)
if (issuer == i)
{
X509_NAME_oneline(x->crl->issuer,buf,256);
- fprintf(stdout,"issuer= %s\n",str);
+ fprintf(stdout,"issuer= %s\n",buf);
}
if (hash == i)
if (nextupdate == i)
{
fprintf(stdout,"nextUpdate=");
- ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+ if (x->crl->nextUpdate != NULL)
+ ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+ else
+ fprintf(stdout,"NONE");
fprintf(stdout,"\n");
}
}
else if (outformat == FORMAT_TEXT)
{
X509_REVOKED *r;
+ STACK *sk;
- while ((r=(X509_REVOKED *)sk_pop(x->crl->revoked)) != NULL)
+ sk=sk_dup(x->crl->revoked);
+ while ((r=(X509_REVOKED *)sk_pop(sk)) != NULL)
{
fprintf(stdout,"revoked: serialNumber=");
i2a_ASN1_INTEGER(out,r->serialNumber);
ASN1_UTCTIME_print(bio_out,r->revocationDate);
fprintf(stdout,"\n");
}
+ sk_free(sk);
i=1;
}
else
/* apps/crl2p7.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
/* apps/dgst.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
}
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
/* first check the program name */
program_name(argv[0],pname,PROG_NAME_SIZE);
BIO_printf(bio_err,"unknown option '%s'\n",*argv);
BIO_printf(bio_err,"options are\n");
BIO_printf(bio_err,"-c to output the digest with separating colons\n");
- BIO_printf(bio_err,"-c to output debug info\n");
- BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm (default)\n",
+ BIO_printf(bio_err,"-d to output debug info\n");
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
LN_md5,LN_md5);
- BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_md2,LN_md2);
- BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_sha1,LN_sha1);
- BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_sha,LN_sha);
- BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
LN_mdc2,LN_mdc2);
err=1;
goto end;
/* apps/dh.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
/* apps/dsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
--- /dev/null
+-----BEGIN DSA PARAMETERS-----
+MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
+GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
+t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
+ADiRffvSdhrNw5dkqdql
+-----END DSA PARAMETERS-----
/* apps/dsaparam.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
*/
#ifndef NOPROTO
-static void MS_CALLBACK dsa_cb(int p, int n);
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
#else
static void MS_CALLBACK dsa_cb();
#endif
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
BIO_printf(bio_err,"This could take some time\n");
- dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,dsa_cb);
+ dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,
+ dsa_cb,(char *)bio_err);
}
else if (informat == FORMAT_ASN1)
dsa=d2i_DSAparams_bio(in,NULL);
EXIT(ret);
}
-static void MS_CALLBACK dsa_cb(p, n)
+static void MS_CALLBACK dsa_cb(p, n, arg)
int p;
int n;
+char *arg;
{
char c='*';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(bio_err,&c,1);
- BIO_flush(bio_err);
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
#ifdef LINT
p=n;
#endif
/* apps/eay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
/* apps/enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
char *str=NULL;
char *hkey=NULL,*hiv=NULL;
int enc=1,printkey=0,i,base64=0;
- int debug=0;
+ int debug=0,olb64=0;
EVP_CIPHER *cipher=NULL,*c;
char *inf=NULL,*outf=NULL;
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
/* first check the program name */
program_name(argv[0],pname,PROG_NAME_SIZE);
debug=1;
else if (strcmp(*argv,"-P") == 0)
printkey=2;
+ else if (strcmp(*argv,"-A") == 0)
+ olb64=1;
else if (strcmp(*argv,"-a") == 0)
base64=1;
else if (strcmp(*argv,"-base64") == 0)
LN_bf_ecb, LN_bf_cbc,
LN_bf_cfb64, LN_bf_ofb64);
BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_cast5_ecb, LN_cast5_cbc,
+ LN_cast5_cfb64, LN_cast5_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_rc5_ecb, LN_rc5_cbc,
+ LN_rc5_cfb64, LN_rc5_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
#endif
goto end;
}
BIO_set_callback(b64,BIO_debug_callback);
BIO_set_callback_arg(b64,bio_err);
}
+ if (olb64)
+ BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
if (enc)
wbio=BIO_push(b64,wbio);
else
/* apps/errstr.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
SSL_load_error_strings();
--- /dev/null
+2.99999.3 SET.ex3 SET x509v3 extension 3
+
foreach (
"base64",
- "des", "des3", "desx", "idea", "rc4", "rc2","bf",
+ "des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
"des-ecb", "des-ede", "des-ede3",
"des-cbc", "des-ede-cbc","des-ede3-cbc",
"des-cfb", "des-ede-cfb","des-ede3-cfb",
"des-ofb", "des-ede-ofb","des-ede3-ofb",
"idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
"rc2-cbc", "rc2-ecb", "rc2-cfb", "rc2-ofb",
- "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb")
+ "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb",
+ "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+ "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb")
{
push(@files,$_);
elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; }
elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; }
elsif ($_ =~ /bf/) { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+ elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
+ elsif ($_ =~ /rc5/) { $t="#ifndef NO_RC5\n${t}#endif\n"; }
print $t;
}
/* apps/gendh.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#define PROG gendh_main
#ifndef NOPROTO
-static void MS_CALLBACK dh_cb(int p, int n);
+static void MS_CALLBACK dh_cb(int p, int n, char *arg);
static long dh_load_rand(char *names);
#else
static void MS_CALLBACK dh_cb();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
argv++;
argc--;
BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
- dh=DH_generate_parameters(num,g,dh_cb);
+ dh=DH_generate_parameters(num,g,dh_cb,(char *)bio_err);
if (dh == NULL) goto end;
EXIT(ret);
}
-static void MS_CALLBACK dh_cb(p, n)
+static void MS_CALLBACK dh_cb(p,n,arg)
int p;
int n;
+char *arg;
{
char c='*';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(bio_err,&c,1);
- BIO_flush(bio_err);
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
#ifdef LINT
p=n;
#endif
/* apps/gendsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
argv++;
argc--;
}
in=BIO_new(BIO_s_file());
- if (!(BIO_read_filename(in,"r")))
+ if (!(BIO_read_filename(in,"dsaparams")))
{
perror(dsaparams);
goto end;
/* apps/genrsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#define PROG genrsa_main
#ifndef NOPROTO
-static void MS_CALLBACK genrsa_cb(int p, int n);
+static void MS_CALLBACK genrsa_cb(int p, int n, char *arg);
static long gr_load_rand(char *names);
#else
static void MS_CALLBACK genrsa_cb();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if ((out=BIO_new(BIO_s_file())) == NULL)
{
BIO_printf(bio_err,"unable to creat BIO for output\n");
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
num);
- rsa=RSA_generate_key(num,f4,genrsa_cb);
+ rsa=RSA_generate_key(num,f4,genrsa_cb,(char *)bio_err);
if (randfile == NULL)
BIO_printf(bio_err,"unable to write 'random state'\n");
EXIT(ret);
}
-static void MS_CALLBACK genrsa_cb(p, n)
+static void MS_CALLBACK genrsa_cb(p, n, arg)
int p;
int n;
+char *arg;
{
char c='*';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(bio_err,&c,1);
- BIO_flush(bio_err);
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
#ifdef LINT
p=n;
#endif
#!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
do
echo making symlink for $i
/bin/rm -f $i
/* apps/ssleay.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* [including the GNU Public Licence.]
*/
-#define DEBUG
+#ifndef DEBUG
+#undef DEBUG
+#endif
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
-#ifdef WIN16
-#define APPS_WIN16
-#endif
#include "bio.h"
#include "crypto.h"
#include "lhash.h"
#include "s_apps.h"
#include "err.h"
+/*
+#ifdef WINDOWS
+#include "bss_file.c"
+#endif
+*/
#ifndef NOPROTO
static unsigned long MS_CALLBACK hash(FUNCTION *a);
static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
static LHASH *prog_init(void );
static int do_cmd(LHASH *prog,int argc,char *argv[]);
-static void sig_stop(int i);
#else
static unsigned long MS_CALLBACK hash();
static int MS_CALLBACK cmp();
static LHASH *prog_init();
static int do_cmd();
-static void sig_stop();
#endif
LHASH *config=NULL;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
}
if (ret != 0)
BIO_printf(bio_err,"error in %s\n",argv[0]);
+ BIO_flush(bio_err);
}
BIO_printf(bio_err,"bad exit\n");
ret=1;
/* apps/pem_mail.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
/* apps/pkcs7.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
{
PKCS7 *p7=NULL;
int i,badops=0;
+#if !defined(NO_DES) || !defined(NO_IDEA)
EVP_CIPHER *enc=NULL;
+#endif
BIO *in=NULL,*out=NULL;
int informat,outformat;
char *infile,*outfile,*prog,buf[256];
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,2221AF3DAA41AB24
+DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C
-IOx3ubYOV2SETDSWiuG4bsioEl7jA2CulYKAJvIfy8z5GI+08NwptNOUqbMhDV1s
-156KhUvBvG48uz9mxcOyHjZRD0HNixGNMXDaFJSajINFoGtmYZRc20DEoY6buzsi
-E76GK95cJHsjJsdNrdggIJRTaiLayLzsMFVDrKhmaJVTKlBpcdnFM4BEKSyD2H5N
-OllrfK6GgmlH+WVXU9AlXoy5Jm0YXT7i5bPCB5eDDL/GkTISFHZsnEYpHCrMARsw
-5V15dYEwFc6NA/psBGk1qS2CHVIOYNcfCfndR90+UCos+rMBkcQDfvxI95+L8dbS
-ONJJrUqiCHV/zYSE+aXZN001mJJLvHOW65YbgdwSOfiowcv7HPbFrGdwOOJvSEx2
-d571YvqfsaDojwR5KLgfFDSwVBwzo/mfcFeVrT9Q8LwPL4/dwwoElWTmYbSaW0uZ
-Ov73xRUbVGa5LTJoGbFVMvjpmEO2qtBsx7vq9AT8v8gDzYSuEafyC7d0h85EIfTJ
-wPlIN3xKTiqFpp/eFCkdKqNn826NoC1TgQuoCBIrJ8gZsIr1l8R+iAuGxKGPASoF
-cyqnpcqGgaaTrxnk9cX4dQ==
+JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ
+dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe
+hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV
+2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa
++OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK
+3+jNQcQ9q1Xy1s5dz/BOvw==
-----END DSA PRIVATE KEY-----
extern int dh_main(int argc,char *argv[]);
extern int enc_main(int argc,char *argv[]);
extern int gendh_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
extern int errstr_main(int argc,char *argv[]);
extern int ca_main(int argc,char *argv[]);
extern int crl_main(int argc,char *argv[]);
extern int dh_main();
extern int enc_main();
extern int gendh_main();
-extern int gendsa_main();
extern int errstr_main();
extern int ca_main();
extern int crl_main();
{FUNC_TYPE_GENERAL,"enc",enc_main},
#ifndef NO_DH
{FUNC_TYPE_GENERAL,"gendh",gendh_main},
-#endif
-#ifndef NO_DSA
- {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
#endif
{FUNC_TYPE_GENERAL,"errstr",errstr_main},
#ifndef NO_RSA
#ifndef NO_BLOWFISH
{FUNC_TYPE_CIPHER,"bf",enc_main},
#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5",enc_main},
+#endif
#ifndef NO_DES
{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
#endif
#endif
#ifndef NO_BLOWFISH
{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
#endif
{0,NULL,NULL}
};
foreach (
"base64",
- "des", "des3", "desx", "idea", "rc4", "rc2","bf",
+ "des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
"des-ecb", "des-ede", "des-ede3",
"des-cbc", "des-ede-cbc","des-ede3-cbc",
"des-cfb", "des-ede-cfb","des-ede3-cfb",
"des-ofb", "des-ede-ofb","des-ede3-ofb",
"idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
"rc2-cbc", "rc2-ecb", "rc2-cfb", "rc2-ofb",
- "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb")
+ "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb",
+ "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+ "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb")
{
push(@files,$_);
elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; }
elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; }
elsif ($_ =~ /bf/) { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+ elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
+ elsif ($_ =~ /rc5/) { $t="#ifndef NO_RC5\n${t}#endif\n"; }
print $t;
}
/* apps/req.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#include <stdlib.h>
#include <time.h>
#include <string.h>
-#ifdef WIN16
+#ifdef NO_STDIO
#define APPS_WIN16
#endif
#include "apps.h"
char *value, int nid,int min,int max);
static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
int nid,int min,int max);
-static void MS_CALLBACK req_cb(int p,int n);
+static void MS_CALLBACK req_cb(int p,int n,char *arg);
static int req_fix_data(int nid,int *type,int len,int min,int max);
#else
static int make_REQ();
int argc;
char **argv;
{
+#ifndef NO_DSA
DSA *dsa_params=NULL;
+#endif
int ex=1,x509=0,days=30;
X509 *x509ss=NULL;
X509_REQ *req=NULL;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
p+=4;
newkey= atoi(p);
}
- else if (strncmp("dsa:",p,4) == 0)
+ else
+#ifndef NO_DSA
+ if (strncmp("dsa:",p,4) == 0)
{
X509 *xtmp=NULL;
EVP_PKEY *dtmp;
BIO_printf(bio_err,"unable to load DSA parameters from file\n");
goto end;
}
+
+ /* This will 'disapear'
+ * when we free xtmp */
dtmp=X509_get_pubkey(xtmp);
if (dtmp->type == EVP_PKEY_DSA)
dsa_params=DSAparams_dup(dtmp->pkey.dsa);
BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
goto end;
}
-
}
BIO_free(in);
newkey=BN_num_bits(dsa_params->p);
in=NULL;
}
- else if (strncmp("dh:",p,4) == 0)
+ else
+#endif
+#ifndef NO_DH
+ if (strncmp("dh:",p,4) == 0)
{
pkey_type=TYPE_DH;
p+=3;
}
else
+#endif
pkey_type=TYPE_RSA;
newreq=1;
if (pkey_type == TYPE_RSA)
{
if (!EVP_PKEY_assign_RSA(pkey,
- RSA_generate_key(newkey,0x10001,req_cb)))
+ RSA_generate_key(newkey,0x10001,
+ req_cb,(char *)bio_err)))
goto end;
}
else
if (newreq || x509)
{
+#ifndef NO_DSA
if (pkey->type == EVP_PKEY_DSA)
digest=EVP_dss1();
+#endif
if (pkey == NULL)
{
if (pkey != NULL) EVP_PKEY_free(pkey);
if (req != NULL) X509_REQ_free(req);
if (x509ss != NULL) X509_free(x509ss);
+#ifndef NO_DSA
if (dsa_params != NULL) DSA_free(dsa_params);
+#endif
EXIT(ex);
}
int attribs;
{
int ret=0,i,j;
- unsigned char *p;
+ unsigned char *p,*q;
X509_REQ_INFO *ri;
char buf[100];
int nid,min,max;
if ((int)sk_num(sk) <= i) break;
v=(CONF_VALUE *)sk_value(sk,i);
- p=NULL;
+ p=q=NULL;
type=v->name;
+ /* Allow for raw OIDs */
+ /* [n.mm.ooo.ppp] */
for (j=0; type[j] != '\0'; j++)
{
if ( (type[j] == ':') ||
(type[j] == ',') ||
(type[j] == '.'))
- p= (unsigned char *)&(type[j+1]);
+ p=(unsigned char *)&(type[j+1]);
+ if (type[j] == '[')
+ {
+ p=(unsigned char *)&(type[j+1]);
+ for (j++; type[j] != '\0'; j++)
+ if (type[j] == ']')
+ {
+ q=(unsigned char *)&(type[j]);
+ break;
+ }
+ break;
+ }
}
if (p != NULL)
type=(char *)p;
if ((nid=OBJ_txt2nid(type)) == NID_undef)
- goto start;
+ {
+ /* Add a new one if possible */
+ if ((p != NULL) && (q != NULL) && (*q == ']'))
+ {
+ *q='\0';
+ nid=OBJ_create((char *)p,NULL,NULL);
+ *q=']';
+ if (nid == NID_undef) goto start;
+ }
+ else
+ goto start;
+ }
sprintf(buf,"%s_default",v->name);
if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
return(0);
}
-static void MS_CALLBACK req_cb(p, n)
+static void MS_CALLBACK req_cb(p,n,arg)
int p;
int n;
+char *arg;
{
char c='*';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(bio_err,&c,1);
- BIO_flush(bio_err);
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
#ifdef LINT
p=n;
#endif
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
+YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
+S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
+AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
+tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
+84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
+CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
+Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
+-----END CERTIFICATE REQUEST-----
#!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb
+for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
do
echo removing $i
/bin/rm -f $i
/* apps/rsa.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
infile=NULL;
outfile=NULL;
/* apps/s_apps.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
int nbio_sock_error(int sock);
int spawn(int argc, char **argv, int *in, int *out);
int init_server(int *sock, int port);
+int init_server_long(int *sock, int port,char *ip);
int should_retry(int i);
-int sock_err(void );
-int socket_ioctl(int, long,unsigned long *);
void sock_cleanup(void );
int extract_port(char *str, short *port_ptr);
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
int spawn();
int init_server();
int should_retry();
-int sock_err();
-int socket_ioctl();
void sock_cleanup();
int extract_port();
int extract_host_port();
/* apps/s_cb.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
int verify_depth=0;
int verify_error=X509_V_OK;
-/* should be X509 * but we can just have them as char *. */
int MS_CALLBACK verify_callback(ok, ctx)
int ok;
X509_STORE_CTX *ctx;
if (SSL_CTX_use_certificate_file(ctx,cert_file,
SSL_FILETYPE_PEM) <= 0)
{
- BIO_printf(bio_err,"unable to set certificate file\n");
+ BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
ERR_print_errors(bio_err);
return(0);
}
if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
SSL_FILETYPE_PEM) <= 0)
{
- BIO_printf(bio_err,"unable to set public key file\n");
+ BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
ERR_print_errors(bio_err);
return(0);
}
/* apps/s_client.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#include <stdlib.h>
#include <string.h>
#define USE_SOCKETS
-#ifdef WIN16
+#ifdef NO_STDIO
#define APPS_WIN16
#endif
#include "apps.h"
BIO_printf(bio_err," -quiet - no s_client output\n");
BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
+ BIO_printf(bio_err," -tls1 - just use TLSv1\n");
+ BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n");
BIO_printf(bio_err," command to se what is available\n");
int argc;
char **argv;
{
+ int off=0;
SSL *con=NULL,*con2=NULL;
int s,k,width,state=0;
char *cbuf=NULL,*sbuf=NULL;
#endif
apps_startup();
+ c_Pause=0;
c_quiet=0;
c_debug=0;
#ifndef NO_SSL3
else if (strcmp(*argv,"-ssl3") == 0)
meth=SSLv3_client_method();
+#endif
+#ifndef NO_TLS1
+ else if (strcmp(*argv,"-tls1") == 0)
+ meth=TLSv1_client_method();
#endif
else if (strcmp(*argv,"-bugs") == 0)
bugs=1;
if (--argc < 1) goto bad;
CAfile= *(++argv);
}
+ else if (strcmp(*argv,"-no_tls1") == 0)
+ off|=SSL_OP_NO_TLSv1;
+ else if (strcmp(*argv,"-no_ssl3") == 0)
+ off|=SSL_OP_NO_SSLv3;
+ else if (strcmp(*argv,"-no_ssl2") == 0)
+ off|=SSL_OP_NO_SSLv2;
else if (strcmp(*argv,"-cipher") == 0)
{
if (--argc < 1) goto bad;
goto end;
}
- if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
+ if (bugs)
+ SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
+ else
+ SSL_CTX_set_options(ctx,off);
if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
if (cipher != NULL)
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(ctx)))
{
- BIO_printf(bio_err,"error seting default verify locations\n");
+ /* BIO_printf(bio_err,"error seting default verify locations\n"); */
ERR_print_errors(bio_err);
- goto end;
+ /* goto end; */
}
SSL_load_error_strings();
con=(SSL *)SSL_new(ctx);
+/* SSL_set_cipher_list(con,"RC4-MD5"); */
re_start:
if (init_client(&s,host,port) == 0)
{
- BIO_printf(bio_err,"connect:errno=%d\n",errno);
+ BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
SHUTDOWN(s);
goto end;
}
{
unsigned long l=1;
BIO_printf(bio_c_out,"turning on non blocking io\n");
- socket_ioctl(s,FIONBIO,&l);
+ if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
}
#endif
if (c_Pause & 0x01) con->debug=1;
FD_ZERO(&readfds);
FD_ZERO(&writefds);
- if (SSL_in_init(con))
+ if (SSL_in_init(con) && !SSL_total_renegotiations(con))
{
in_init=1;
tty_on=0;
/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
-/* printf("pending=%d\n",SSL_pending(con)); */
i=select(width,&readfds,&writefds,NULL,NULL);
if ( i < 0)
{
- BIO_printf(bio_err,"bad select %d\n",sock_err());
+ BIO_printf(bio_err,"bad select %d\n",
+ get_last_socket_error());
goto shut;
/* goto end; */
}
if ((k != 0) || (cbuf_len != 0))
{
BIO_printf(bio_err,"write:errno=%d\n",
- errno);
+ get_last_socket_error());
goto shut;
}
else
#endif
else if (FD_ISSET(SSL_get_fd(con),&readfds))
{
- k=SSL_read(con,sbuf,BUFSIZZ);
+#ifdef RENEG
+{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
+#endif
+ k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
switch (SSL_get_error(con,k))
{
BIO_printf(bio_c_out,"read X BLOCK\n");
break;
case SSL_ERROR_SYSCALL:
- BIO_printf(bio_err,"read:errno=%d\n",errno);
+ BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
goto shut;
case SSL_ERROR_ZERO_RETURN:
BIO_printf(bio_c_out,"closed\n");
SSL *s;
int full;
{
- X509 *peer;
+ X509 *peer=NULL;
char *p;
static char *space=" ";
char buf[BUFSIZ];
X509_NAME_oneline(X509_get_issuer_name(peer),
buf,BUFSIZ);
BIO_printf(bio,"issuer=%s\n",buf);
- X509_free(peer);
}
else
BIO_printf(bio,"no peer certificate available\n");
{
if (*p == ':')
{
- BIO_write(bio,space,15-j);
+ BIO_write(bio,space,15-j%25);
i++;
j=0;
BIO_write(bio,((i%3)?" ":"\n"),1);
BIO_printf(bio,"%s, Cipher is %s\n",
SSL_CIPHER_get_version(c),
SSL_CIPHER_get_name(c));
+ if (peer != NULL)
+ BIO_printf(bio,"Server public key is %d bit\n",
+ EVP_PKEY_bits(X509_get_pubkey(peer)));
SSL_SESSION_print(bio,SSL_get_session(s));
BIO_printf(bio,"---\n");
+ if (peer != NULL)
+ X509_free(peer);
}
/* apps/s_server.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
-#ifdef WIN16
+#ifdef NO_STDIO
#define APPS_WIN16
#endif
#include "lhash.h"
static void sv_usage(void);
static int init_ssl_connection(SSL *s);
static void print_stats(BIO *bp,SSL_CTX *ctx);
+#ifndef NO_DH
static DH *load_dh_param(void );
static DH *get_dh512(void);
+#endif
+/* static void s_server_init(void);*/
#else
static RSA MS_CALLBACK *tmp_rsa_cb();
static int sv_body();
static void sv_usage();
static int init_ssl_connection();
static void print_stats();
+#ifndef NO_DH
static DH *load_dh_param();
static DH *get_dh512();
#endif
+/* static void s_server_init(); */
+#endif
#ifndef S_ISDIR
#define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
#endif
+#ifndef NO_DH
static unsigned char dh512_p[]={
0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
{
DH *dh=NULL;
-#ifndef NO_DH
if ((dh=DH_new()) == NULL) return(NULL);
dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
if ((dh->p == NULL) || (dh->g == NULL))
return(NULL);
-#endif
return(dh);
}
+#endif
/* static int load_CA(SSL_CTX *ctx, char *file);*/
extern int verify_depth;
static char *cipher=NULL;
-int verify=SSL_VERIFY_NONE;
-char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static int s_server_verify=SSL_VERIFY_NONE;
+static char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static char *s_dcert_file=NULL,*s_dkey_file=NULL;
#ifdef FIONBIO
static int s_nbio=0;
#endif
static int s_debug=0;
static int s_quiet=0;
+#if 0
+static void s_server_init()
+ {
+ cipher=NULL;
+ s_server_verify=SSL_VERIFY_NONE;
+ s_dcert_file=NULL;
+ s_dkey_file=NULL;
+ s_cert_file=TEST_CERT;
+ s_key_file=NULL;
+#ifdef FIONBIO
+ s_nbio=0;
+#endif
+ s_nbio_test=0;
+ ctx=NULL;
+ www=0;
+
+ bio_s_out=NULL;
+ s_debug=0;
+ s_quiet=0;
+ }
+#endif
+
static void sv_usage()
{
BIO_printf(bio_err,"usage: s_server [args ...]\n");
BIO_printf(bio_err,"\n");
- BIO_printf(bio_err," -accpet arg - port to accept on (default is %d\n",PORT);
+ BIO_printf(bio_err," -accept arg - port to accept on (default is %d\n",PORT);
BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n");
BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
+ BIO_printf(bio_err," -tls1 - Just talk TLSv1\n");
+ BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n");
+ BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n");
+ BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n");
BIO_printf(bio_err," -bugs - Turn on SSL bug compatability\n");
BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
BIO_printf(bio_err," -WWW - Returns requested page from to a 'GET <path> HTTP/1.0'\n");
}
-static int local_argc;
+static int local_argc=0;
static char **local_argv;
-static int hack;
+static int hack=0;
int MAIN(argc, argv)
int argc;
char *CApath=NULL,*CAfile=NULL;
int badop=0,bugs=0;
int ret=1;
+ int off=0;
int no_tmp_rsa=0,nocert=0;
int state=0;
SSL_METHOD *meth=NULL;
+#ifndef NO_DH
DH *dh=NULL;
+#endif
#if !defined(NO_SSL2) && !defined(NO_SSL3)
meth=SSLv23_server_method();
}
else if (strcmp(*argv,"-verify") == 0)
{
- verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+ s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
if (--argc < 1) goto bad;
verify_depth=atoi(*(++argv));
BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
}
else if (strcmp(*argv,"-Verify") == 0)
{
- verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
+ s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
SSL_VERIFY_CLIENT_ONCE;
if (--argc < 1) goto bad;
verify_depth=atoi(*(++argv));
if (--argc < 1) goto bad;
s_key_file= *(++argv);
}
+ else if (strcmp(*argv,"-dcert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_dcert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-dkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_dkey_file= *(++argv);
+ }
else if (strcmp(*argv,"-nocert") == 0)
{
nocert=1;
{ www=1; }
else if (strcmp(*argv,"-WWW") == 0)
{ www=2; }
+ else if (strcmp(*argv,"-no_ssl2") == 0)
+ { off|=SSL_OP_NO_SSLv2; }
+ else if (strcmp(*argv,"-no_ssl3") == 0)
+ { off|=SSL_OP_NO_SSLv3; }
+ else if (strcmp(*argv,"-no_tls1") == 0)
+ { off|=SSL_OP_NO_TLSv1; }
#ifndef NO_SSL2
else if (strcmp(*argv,"-ssl2") == 0)
{ meth=SSLv2_server_method(); }
#ifndef NO_SSL3
else if (strcmp(*argv,"-ssl3") == 0)
{ meth=SSLv3_server_method(); }
+#endif
+#ifndef NO_TLS1
+ else if (strcmp(*argv,"-tls1") == 0)
+ { meth=TLSv1_server_method(); }
#endif
else
{
{
s_cert_file=NULL;
s_key_file=NULL;
+ s_dcert_file=NULL;
+ s_dkey_file=NULL;
}
SSL_load_error_strings();
goto end;
}
+ SSL_CTX_set_quiet_shutdown(ctx,1);
if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+ SSL_CTX_set_options(ctx,off);
if (hack) SSL_CTX_set_options(ctx,SSL_OP_NON_EXPORT_FIRST);
if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+ SSL_CTX_sess_set_cache_size(ctx,128);
+
#if 0
if (cipher == NULL) cipher=getenv("SSL_CIPHER");
#endif
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(ctx)))
{
- BIO_printf(bio_err,"X509_load_verify_locations\n");
+ /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
ERR_print_errors(bio_err);
- goto end;
+ /* goto end; */
}
#ifndef NO_DH
if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
goto end;
+ if (s_dcert_file != NULL)
+ {
+ if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file))
+ goto end;
+ }
#if 1
SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
if (cipher != NULL)
SSL_CTX_set_cipher_list(ctx,cipher);
- SSL_CTX_set_verify(ctx,verify,verify_callback);
+ SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
SSL_CTX_sess_number(ssl_ctx));
BIO_printf(bio,"%4d client connects (SSL_connect())\n",
SSL_CTX_sess_connect(ssl_ctx));
+ BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n",
+ SSL_CTX_sess_connect_renegotiate(ssl_ctx));
BIO_printf(bio,"%4d client connects that finished\n",