Changes between 0.9.1c and 0.9.2
+ *) First cut of a cleanup for apps/. First the `ssleay' program is now named
+ `openssl' and second, the shortcut symlinks for the `openssl <command>'
+ are no longer created. This way we have a single and consistent command
+ line interface `openssl <command>', similar to `cvs <command>'.
+ [Ralf S. Engelschall]
+
*) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
BIT STRING wrapper always have zero unused bits.
[Steve Henson]
#
-# SSLeay/apps/Makefile.ssl
+# apps/Makefile.ssl
#
DIR= apps
LIBCRYPTO=-L.. -lcrypto
LIBSSL=-L.. -lssl
-SSLEAY= ssleay
+PROGRAM= openssl
-SCRIPTS=CA.sh der_chop CA.pl
+SCRIPTS=CA.sh CA.pl der_chop
-EXE= $(SSLEAY)
+EXE= $(PROGRAM)
E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \
rsa dsa dsaparam \
x509 genrsa s_server s_client speed \
s_time version pkcs7 crl2pkcs7 sess_id ciphers
-PROGS= $(SSLEAY).c
+PROGS= $(PROGRAM).c
A_OBJ=apps.o
A_SRC=apps.c
files:
perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-install: mklinks
- @for i in $(EXE) $(SCRIPTS) mklinks; \
+install:
+ @for i in $(EXE) $(SCRIPTS); \
do \
(echo installing $$i; \
cp $$i $(INSTALLTOP)/bin/$$i; \
chmod 755 $(INSTALLTOP)/bin/$$i ); \
done; \
- cp ssleay.cnf $(INSTALLTOP)/lib
- chmod 644 $(INSTALLTOP)/lib/ssleay.cnf
- cd $(INSTALLTOP)/bin; \
- /bin/sh ./mklinks; \
- /bin/rm -f ./mklinks
+ cp openssl.cnf $(INSTALLTOP)/lib; \
+ chmod 644 $(INSTALLTOP)/lib/openssl.cnf
tags:
ctags $(SRC)
$(DLIBCRYPTO):
(cd ../crypto; $(MAKE))
-$(SSLEAY): progs.h $(E_OBJ) $(SSLEAY).o $(DLIBCRYPTO) $(DLIBSSL)
- $(RM) $(SSLEAY)
- $(CC) -o $(SSLEAY) $(CFLAGS) $(SSLEAY).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
+$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
+ $(RM) $(PROGRAM)
+ $(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
progs.h:
- perl ./g_ssleay.pl $(E_EXE) >progs.h
- $(RM) $(SSLEAY).o
-
-mklinks:
- perl ./g_ssleay.pl $(E_EXE) >progs.h
+ perl ./progs.pl $(E_EXE) >progs.h
+ $(RM) $(PROGRAM).o
# DO NOT DELETE THIS LINE -- make depend depends on it.
+++ /dev/null
-2.99999.3 SET.ex3 SET x509v3 extension 3
-
+++ /dev/null
-#!/usr/local/bin/perl
-
-$mkprog='mklinks';
-$rmprog='rmlinks';
-
-print "#ifndef NOPROTO\n";
-
-grep(s/^asn1pars$/asn1parse/,@ARGV);
-
-foreach (@ARGV)
- { printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
-print "#else\n";
-foreach (@ARGV)
- { printf "extern int %s_main();\n",$_; }
-print "#endif\n";
-
-
-print <<'EOF';
-
-#ifdef SSLEAY_SRC
-
-#define FUNC_TYPE_GENERAL 1
-#define FUNC_TYPE_MD 2
-#define FUNC_TYPE_CIPHER 3
-
-typedef struct {
- int type;
- char *name;
- int (*func)();
- } FUNCTION;
-
-FUNCTION functions[] = {
-EOF
-
-foreach (@ARGV)
- {
- push(@files,$_);
- $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
- if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
- { print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; }
- elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
- ($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
- { print "#ifndef NO_RSA\n${str}#endif\n"; }
- elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
- { print "#ifndef NO_DSA\n${str}#endif\n"; }
- elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
- { print "#ifndef NO_DH\n${str}#endif\n"; }
- else
- { print $str; }
- }
-
-foreach ("md2","md5","sha","sha1","mdc2","rmd160")
- {
- push(@files,$_);
- printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
- }
-
-foreach (
- "base64",
- "des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
- "des-ecb", "des-ede", "des-ede3",
- "des-cbc", "des-ede-cbc","des-ede3-cbc",
- "des-cfb", "des-ede-cfb","des-ede3-cfb",
- "des-ofb", "des-ede-ofb","des-ede3-ofb",
- "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
- "rc2-cbc", "rc2-ecb", "rc2-cfb", "rc2-ofb",
- "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb",
- "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
- "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb")
- {
- push(@files,$_);
-
- $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
- if ($_ =~ /des/) { $t="#ifndef NO_DES\n${t}#endif\n"; }
- elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
- elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; }
- elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; }
- elsif ($_ =~ /bf/) { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
- elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
- elsif ($_ =~ /rc5/) { $t="#ifndef NO_RC5\n${t}#endif\n"; }
- print $t;
- }
-
-print "\t{0,NULL,NULL}\n\t};\n";
-print "#endif\n\n";
-
-open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
-print OUT "#!/bin/sh\nfor i in ";
-foreach (@files)
- { print OUT $_." "; }
-print OUT <<'EOF';
-
-do
-echo making symlink for $i
-/bin/rm -f $i
-ln -s ssleay $i
-done
-EOF
-close(OUT);
-chmod(0755,$mkprog);
-
-open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
-print OUT "#!/bin/sh\nfor i in ";
-foreach (@files)
- { print OUT $_." "; }
-print OUT <<'EOF';
-
-do
-echo removing $i
-/bin/rm -f $i
-done
-EOF
-close(OUT);
-chmod(0755,$rmprog);
+++ /dev/null
-#!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
-do
-echo making symlink for $i
-/bin/rm -f $i
-ln -s ssleay $i
-done
-/* apps/ssleay.c */
+/* apps/openssl.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
ERR_load_crypto_strings();
/* Lets load up our environment a little */
- p=getenv("SSLEAY_CONF");
+ p=getenv("OPENSSL_CONF");
+ if (p == NULL)
+ p=getenv("SSLEAY_CONF");
if (p == NULL)
{
strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/");
- strcat(config_name,SSLEAY_CONF);
+ strcat(config_name,OPENSSL_CONF);
p=config_name;
}
goto end;
}
- /* ok, lets enter the old 'SSLeay>' mode */
+ /* ok, lets enter the old 'OpenSSL>' mode */
for (;;)
{
p[0]='\0';
if (i++)
prompt=">";
- else prompt="SSLeay>";
+ else prompt="OpenSSL> ";
fputs(prompt,stdout);
fflush(stdout);
fgets(p,n,stdin);
}
else
{
- BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
+ BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
argv[0]);
+ BIO_printf(bio_err, "\nStandard commands");
i=0;
- fp=functions;
tp=0;
for (fp=functions; fp->name != NULL; fp++)
{
{
i=1;
BIO_printf(bio_err,
- "Message Digest commands - see the dgst command for more details\n");
+ "\nMessage Digest commands (see the `dgst' command for more details)\n");
}
else if (tp == FUNC_TYPE_CIPHER)
{
i=1;
- BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
+ BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
}
}
BIO_printf(bio_err,"%-15s",fp->name);
}
- BIO_printf(bio_err,"\nquit\n");
+ BIO_printf(bio_err,"\n\n");
ret=0;
}
end:
#
-# SSLeay example configuration file.
+# OpenSSL example configuration file.
# This is mostly being used for generation of certificate requests.
#
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
-#1.organizationName_default = CryptSoft Pty Ltd
+#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
[ x509v3_extensions ]
-nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
+nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
nsComment = "This is a comment"
# under ASN.1, the 0 bit would be encoded as 80
#!/usr/local/bin/perl
-$mkprog='mklinks';
-$rmprog='rmlinks';
-
print "#ifndef NOPROTO\n";
grep(s/^asn1pars$/asn1parse/,@ARGV);
$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
{ print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; }
- elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
- ($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
+ elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) )
{ print "#ifndef NO_RSA\n${str}#endif\n"; }
elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
{ print "#ifndef NO_DSA\n${str}#endif\n"; }
print "\t{0,NULL,NULL}\n\t};\n";
print "#endif\n\n";
-open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
-print OUT "#!/bin/sh\nfor i in ";
-foreach (@files)
- { print OUT $_." "; }
-print OUT <<'EOF';
-
-do
-echo making symlink for $i
-/bin/rm -f $i
-ln -s ssleay $i
-done
-EOF
-close(OUT);
-chmod(0755,$mkprog);
-
-open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
-print OUT "#!/bin/sh\nfor i in ";
-foreach (@files)
- { print OUT $_." "; }
-print OUT <<'EOF';
-
-do
-echo removing $i
-/bin/rm -f $i
-done
-EOF
-close(OUT);
-chmod(0755,$rmprog);
#ifndef MONOLITH
/* Lets load up our environment a little */
- p=getenv("SSLEAY_CONF");
+ p=getenv("OPENSSL_CONF");
+ if (p == NULL)
+ p=getenv("SSLEAY_CONF");
if (p == NULL)
{
strcpy(config_name,X509_get_default_cert_area());
strcat(config_name,"/lib/");
- strcat(config_name,SSLEAY_CONF);
+ strcat(config_name,OPENSSL_CONF);
p=config_name;
}
default_config_file=p;
+++ /dev/null
-#!/bin/sh
-for i in verify asn1parse req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 rmd160 base64 des des3 desx idea rc4 rc2 bf cast rc5 des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb cast5-cbc cast5-ecb cast5-cfb cast5-ofb cast-cbc rc5-cbc rc5-ecb rc5-cfb rc5-ofb
-do
-echo removing $i
-/bin/rm -f $i
-done
+++ /dev/null
-/* apps/ssleay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef DEBUG
-#undef DEBUG
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "bio.h"
-#include "crypto.h"
-#include "lhash.h"
-#include "conf.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
-#define SSLEAY /* turn off a few special case MONOLITH macros */
-#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
-#define SSLEAY_SRC
-#include "apps.h"
-#include "s_apps.h"
-#include "err.h"
-
-/*
-#ifdef WINDOWS
-#include "bss_file.c"
-#endif
-*/
-
-#ifndef NOPROTO
-static unsigned long MS_CALLBACK hash(FUNCTION *a);
-static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
-static LHASH *prog_init(void );
-static int do_cmd(LHASH *prog,int argc,char *argv[]);
-#else
-static unsigned long MS_CALLBACK hash();
-static int MS_CALLBACK cmp();
-static LHASH *prog_init();
-static int do_cmd();
-#endif
-
-LHASH *config=NULL;
-char *default_config_file=NULL;
-
-#ifdef DEBUG
-static void sig_stop(i)
-int i;
- {
- char *a=NULL;
-
- *a='\0';
- }
-#endif
-
-/* Make sure there is only one when MONOLITH is defined */
-#ifdef MONOLITH
-BIO *bio_err=NULL;
-#endif
-
-int main(Argc,Argv)
-int Argc;
-char *Argv[];
- {
- ARGS arg;
-#define PROG_NAME_SIZE 16
- char pname[PROG_NAME_SIZE];
- FUNCTION f,*fp;
- MS_STATIC char *prompt,buf[1024],config_name[256];
- int n,i,ret=0;
- int argc;
- char **argv,*p;
- LHASH *prog=NULL;
- long errline;
-
- arg.data=NULL;
- arg.count=0;
-
- /* SSLeay_add_ssl_algorithms(); is called in apps_startup() */
- apps_startup();
-
-#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
-#ifdef SIGBUS
- signal(SIGBUS,sig_stop);
-#endif
-#ifdef SIGSEGV
- signal(SIGSEGV,sig_stop);
-#endif
-#endif
-
- if (bio_err == NULL)
- if ((bio_err=BIO_new(BIO_s_file())) != NULL)
- BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- ERR_load_crypto_strings();
-
- /* Lets load up our environment a little */
- p=getenv("SSLEAY_CONF");
- if (p == NULL)
- {
- strcpy(config_name,X509_get_default_cert_area());
- strcat(config_name,"/lib/");
- strcat(config_name,SSLEAY_CONF);
- p=config_name;
- }
-
- default_config_file=p;
-
- config=CONF_load(config,p,&errline);
- if (config == NULL) ERR_clear_error();
-
- prog=prog_init();
-
- /* first check the program name */
- program_name(Argv[0],pname,PROG_NAME_SIZE);
-
- f.name=pname;
- fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
- if (fp != NULL)
- {
- Argv[0]=pname;
- ret=fp->func(Argc,Argv);
- goto end;
- }
-
- /* ok, now check that there are not arguments, if there are,
- * run with them, shifting the ssleay off the front */
- if (Argc != 1)
- {
- Argc--;
- Argv++;
- ret=do_cmd(prog,Argc,Argv);
- if (ret < 0) ret=0;
- goto end;
- }
-
- /* ok, lets enter the old 'SSLeay>' mode */
-
- for (;;)
- {
- ret=0;
- p=buf;
- n=1024;
- i=0;
- for (;;)
- {
- p[0]='\0';
- if (i++)
- prompt=">";
- else prompt="SSLeay>";
- fputs(prompt,stdout);
- fflush(stdout);
- fgets(p,n,stdin);
- if (p[0] == '\0') goto end;
- i=strlen(p);
- if (i <= 1) break;
- if (p[i-2] != '\\') break;
- i-=2;
- p+=i;
- n-=i;
- }
- if (!chopup_args(&arg,buf,&argc,&argv)) break;
-
- ret=do_cmd(prog,argc,argv);
- if (ret < 0)
- {
- ret=0;
- goto end;
- }
- if (ret != 0)
- BIO_printf(bio_err,"error in %s\n",argv[0]);
- BIO_flush(bio_err);
- }
- BIO_printf(bio_err,"bad exit\n");
- ret=1;
-end:
- if (config != NULL)
- {
- CONF_free(config);
- config=NULL;
- }
- if (prog != NULL) lh_free(prog);
- if (arg.data != NULL) Free(arg.data);
- ERR_remove_state(0);
-
- EVP_cleanup();
- ERR_free_strings();
-
- CRYPTO_mem_leaks(bio_err);
- if (bio_err != NULL)
- {
- BIO_free(bio_err);
- bio_err=NULL;
- }
- EXIT(ret);
- }
-
-static int do_cmd(prog,argc,argv)
-LHASH *prog;
-int argc;
-char *argv[];
- {
- FUNCTION f,*fp;
- int i,ret=1,tp,nl;
-
- if ((argc <= 0) || (argv[0] == NULL))
- { ret=0; goto end; }
- f.name=argv[0];
- fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
- if (fp != NULL)
- {
- ret=fp->func(argc,argv);
- }
- else if ((strcmp(argv[0],"quit") == 0) ||
- (strcmp(argv[0],"q") == 0) ||
- (strcmp(argv[0],"exit") == 0) ||
- (strcmp(argv[0],"bye") == 0))
- {
- ret= -1;
- goto end;
- }
- else
- {
- BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
- argv[0]);
- i=0;
- fp=functions;
- tp=0;
- for (fp=functions; fp->name != NULL; fp++)
- {
- nl=0;
- if (((i++) % 5) == 0)
- {
- BIO_printf(bio_err,"\n");
- nl=1;
- }
- if (fp->type != tp)
- {
- tp=fp->type;
- if (!nl) BIO_printf(bio_err,"\n");
- if (tp == FUNC_TYPE_MD)
- {
- i=1;
- BIO_printf(bio_err,
- "Message Digest commands - see the dgst command for more details\n");
- }
- else if (tp == FUNC_TYPE_CIPHER)
- {
- i=1;
- BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
- }
- }
- BIO_printf(bio_err,"%-15s",fp->name);
- }
- BIO_printf(bio_err,"\nquit\n");
- ret=0;
- }
-end:
- return(ret);
- }
-
-static LHASH *prog_init()
- {
- LHASH *ret;
- FUNCTION *f;
-
- if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);
-
- for (f=functions; f->name != NULL; f++)
- lh_insert(ret,(char *)f);
- return(ret);
- }
-
-static int MS_CALLBACK cmp(a,b)
-FUNCTION *a,*b;
- {
- return(strncmp(a->name,b->name,8));
- }
-
-static unsigned long MS_CALLBACK hash(a)
-FUNCTION *a;
- {
- return(lh_strhash(a->name));
- }
-
-#undef SSLEAY
+++ /dev/null
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = $ENV::HOME/.rnd
-oid_file = $ENV::HOME/.oid
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = ./demoCA # Where everything is kept
-certs = $dir/certs # Where the issued certs are kept
-crl_dir = $dir/crl # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/newcerts # default place for new certs.
-
-certificate = $dir/cacert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-x509_extensions = x509v3_extensions # The extentions to add to the cert
-default_days = 365 # how long to certify for
-default_crl_days= 30 # how long before next CRL
-default_md = md5 # which md to use.
-preserve = no # keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName = match
-stateOrProvinceName = match
-organizationName = match
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-####################################################################
-[ req ]
-default_bits = 1024
-default_keyfile = privkey.pem
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_min = 2
-countryName_max = 2
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = Some-State
-
-localityName = Locality Name (eg, city)
-
-0.organizationName = Organization Name (eg, company)
-0.organizationName_default = Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName = Second Organization Name (eg, company)
-#1.organizationName_default = CryptSoft Pty Ltd
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-#organizationalUnitName_default =
-
-commonName = Common Name (eg, YOUR name)
-commonName_max = 64
-
-emailAddress = Email Address
-emailAddress_max = 40
-
-SET-ex3 = SET extension number 3
-
-[ req_attributes ]
-challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
-
-unstructuredName = An optional company name
-
-[ x509v3_extensions ]
-
-nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
-nsComment = "This is a comment"
-
-# under ASN.1, the 0 bit would be encoded as 80
-nsCertType = 0x40
-
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-#nsCertSequence
-#nsCertExt
-#nsDataType
-
* perl obj_dat.pl < objects.h > obj_dat.h
*/
-#define NUM_NID 126
-#define NUM_SN 97
-#define NUM_LN 124
-#define NUM_OBJ 98
+#define NUM_NID 127
+#define NUM_SN 98
+#define NUM_LN 125
+#define NUM_OBJ 99
-static unsigned char lvalues[611]={
+static unsigned char lvalues[614]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [592] OBJ_rc5_cbc */
0x29,0x01,0x01,0x85,0x1A, /* [600] OBJ_rle_compression */
0x29,0x01,0x01,0x85,0x1A, /* [605] OBJ_zlib_compression */
+0x55,0x1D,0x25, /* [610] OBJ_ext_key_usage */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
{"RLE","run length compression",NID_rle_compression,5,&(lvalues[600]),0},
{"ZLIB","zlib compression",NID_zlib_compression,5,&(lvalues[605]),0},
+{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
+ &(lvalues[610]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[89]),/* "certificatePolicies" */
&(nid_objs[103]),/* "crlDistributionPoints" */
&(nid_objs[88]),/* "crlNumber" */
+&(nid_objs[126]),/* "extendedKeyUsage" */
&(nid_objs[86]),/* "issuerAltName" */
&(nid_objs[83]),/* "keyUsage" */
&(nid_objs[81]),/* "ld-ce" */
&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
&(nid_objs[88]),/* "X509v3 CRL Number" */
&(nid_objs[89]),/* "X509v3 Certificate Policies" */
+&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
&(nid_objs[83]),/* "X509v3 Key Usage" */
&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
+&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
-&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */
&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */
+&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */
&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
#ifndef R_OK
# define R_OK 4
#endif
-# define SSLEAY_CONF "ssleay.cnf"
+# define OPENSSL_CONF "openssl.cnf"
+# define SSLEAY_CONF OPENSSL_CONF
# define NUL_DEV "nul"
# define RFILE ".rnd"
# include <unistd.h>
# endif
-# define SSLEAY_CONF "ssleay.cnf"
+# define OPENSSL_CONF "openssl.cnf"
+# define SSLEAY_CONF OPENSSL_CONF
# define RFILE ".rnd"
# define LIST_SEPARATOR_CHAR ':'
# ifndef MONOLITH
projects / openssl.git / commitdiff