obligation to set up the dynamic locking callbacks.)
[Sander Temme <sander@temme.net>]
- *) Update Configure code and WIN32 build scripts to support experimental
- code. This is surrounded by OPENSSL_EXPERIMENTAL_FOO and not compiled
- in by default. Using the configuration option "enable-experimental-foo"
- enables it. Use this option for JPAKE.
- [Steve Henson]
-
*) Use correct exit code if there is an error in dgst command.
[Steve Henson; problem pointed out by Roland Dirlewanger]
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
-my $jpake=1; # but "no-jpake" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
my %disabled = ( # "what" => "comment"
"gmp" => "default",
- #"experimental-jpake" => "default",
"mdc2" => "default",
"rc5" => "default",
"rfc3779" => "default",
{ $no_threads = 1; }
elsif (/^shared$/)
{ $no_shared = 1; }
- elsif (/^experimental-jpake$/)
- { $jpake = 0; push @skip, "jpake"}
elsif (/^zlib$/)
{ $zlib = 0; }
elsif (/^static-engine$/)
$openssl_thread_defines .= $thread_defines;
}
-if ($jpake)
- {
- $openssl_other_defines .= "#define OPENSSL_EXPERIMENTAL_JPAKE\n";
- }
-
if ($zlib)
{
$cflags = "-DZLIB $cflags";
#include <openssl/rsa.h>
#endif
#include <openssl/bn.h>
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h>
#endif
BIO_free(out);
}
-#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
static JPAKE_CTX *jpake_init(const char *us, const char *them,
const char *secret)
int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
const char *algname, ENGINE *e, int do_param);
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_PSK
extern char *psk_key;
+#endif
+#ifndef OPENSSL_NO_JPAKE
void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
#endif
#ifndef OPENSSL_NO_PSK
BIO_printf(bio_err," -psk_identity arg - PSK identity\n");
BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n");
-# ifdef OPENSSL_EXPERIMENTAL_JPAKE
+# ifndef OPENSSL_NO_JPAKE
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long socket_mtu = 0;
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif
/* meth=TLSv1_client_method(); */
}
#endif
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
goto end;
}
-#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
if (jpake_secret)
{
if (psk_key)
#endif
#ifndef OPENSSL_NO_PSK
+#ifdef OPENSSL_NO_JPAKE
+ if (psk_key != NULL)
+#else
if (psk_key != NULL || jpake_secret)
+#endif
{
if (c_debug)
BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
#endif
}
#endif
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
if (jpake_secret)
jpake_client_auth(bio_c_out, sbio, jpake_secret);
#endif
#ifndef OPENSSL_NO_PSK
BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n");
BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n");
-# ifdef OPENSSL_EXPERIMENTAL_JPAKE
+# ifndef OPENSSL_NO_JPAKE
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
int MAIN(int, char **);
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
static char *jpake_secret = NULL;
#endif
}
#endif
-#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
goto end;
}
-#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
if (jpake_secret)
{
if (psk_key)
#endif
#ifndef OPENSSL_NO_PSK
+#ifdef OPENSSL_NO_JPAKE
+ if (psk_key != NULL)
+#else
if (psk_key != NULL || jpake_secret)
+#endif
{
if (s_debug)
BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n");
test=BIO_new(BIO_f_nbio_test());
sbio=BIO_push(test,sbio);
}
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
if(jpake_secret)
jpake_server_auth(bio_s_out, sbio, jpake_secret);
#endif
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
#endif
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h>
#endif
#ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
#endif
-#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+#ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings();
#endif
#endif
#include <openssl/opensslconf.h>
+#ifdef OPENSSL_NO_JPAKE
+#error JPAKE is disabled.
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
-#ifndef OPENSSL_EXPERIMENTAL_JPAKE
+
+#include <openssl/opensslconf.h>
+#ifdef OPENSSL_NO_JPAKE
#include <stdio.h>
$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
-$cflags.=" -DOPENSSL_EXPERIMENTAL_JPAKE" if $jpake;
+$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
return("") if $no_dh && $dir =~ /\/dh/;
return("") if $no_ec && $dir =~ /\/ec/;
return("") if $no_cms && $dir =~ /\/cms/;
- return("") if !$jpake && $dir =~ /\/jpake/;
+ return("") if $no_jpake && $dir =~ /\/jpake/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
"no-ssl3" => \$no_ssl3,
"no-tlsext" => \$no_tlsext,
"no-cms" => \$no_cms,
+ "no-jpake" => \$no_jpake,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
"no-krb5" => \$no_krb5,
"no-shared" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
- "no-experimental-jpake" => 0,
- "enable-experimental-jpake" => \$jpake,
);
if (exists $valid_options{$_})
my $safe_stack_def = 0;
my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB",
- "OPENSSL_EXPERIMENTAL_JPAKE" );
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB" );
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"CMS",
# CryptoAPI Engine
"CAPIENG",
+ # JPAKE
+ "JPAKE",
# Deprecated functions
"DEPRECATED" );
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
+my $no_jpake;
my $zlib;
$zlib = 1;
}
- if ($_ eq "enable-experimental-jpake") {
- $jpake = 1;
- }
-
$do_ssl=1 if $_ eq "ssleay";
if ($_ eq "ssl") {
$do_ssl=1;
elsif (/^no-tlsext$/) { $no_tlsext=1; }
elsif (/^no-cms$/) { $no_cms=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
+ elsif (/^no-jpake$/) { $no_jpake=1; }
}
$tag{$tag[$tag_i]}=2;
print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
}
- if ($tag[$tag_i] eq "OPENSSL_EXPERIMENTAL_".$1) {
- $tag{$tag[$tag_i]}=-2;
- print STDERR "DEBUG: $file: chaged tag $1 = -2\n" if $debug;
- }
$tag_i--;
}
} elsif (/^\#\s*endif/) {
print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
if ($tag{$t}==2) {
$tag{$t}=-1;
- } elsif ($tag{$t}==-2) {
- $tag{$t}=1;
} else {
$tag{$t}=0;
}
return 1;
}
if ($keyword eq "ZLIB" && $zlib) { return 1; }
- if ($keyword eq "OPENSSL_EXPERIMENTAL_JPAKE" && $jpake) {
-
-
- return 1;
- }
return 0;
} else {
# algorithms
if ($keyword eq "PSK" && $no_psk) { return 0; }
if ($keyword eq "CMS" && $no_cms) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
+ if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
# Nothing recognise as true
projects / openssl.git / commitdiff