diff options
| author | Richard Levitte <levitte@openssl.org> | 2003-12-18 19:26:40 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2003-12-18 19:26:40 +0000 |
| commit | 10fdd8d5fd409843d2082ec9e0734fdd2065333e (patch) | |
| tree | 099efa32085d3e01b02c392b59d81bc8a720f4cf | |
| parent | 9c2fcb789e104053fd66aa6443dfdc1859339b80 (diff) | |
I haven't merged from 0.9.7-stable in a loooong time. It shows :-).
37 files changed, 219 insertions, 118 deletions
@@ -4,6 +4,9 @@ Changes between 0.9.7c and 0.9.7d [xx XXX XXXX] + *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). + [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>] + *) Use the correct content when signing type "other". [Steve Henson] diff --git a/apps/apps.c b/apps/apps.c index e4db043003..2a7c7f25a2 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -475,7 +475,7 @@ static int ui_read(UI *ui, UI_STRING *uis) { const char *password = ((PW_CB_DATA *)UI_get0_user_data(ui))->password; - if (password[0] != '\0') + if (password && password[0] != '\0') { UI_set_result(ui, uis, password); return 1; @@ -499,7 +499,7 @@ static int ui_write(UI *ui, UI_STRING *uis) { const char *password = ((PW_CB_DATA *)UI_get0_user_data(ui))->password; - if (password[0] != '\0') + if (password && password[0] != '\0') return 1; } default: diff --git a/apps/req.c b/apps/req.c index 5f6ec3d339..a657eaa50b 100644 --- a/apps/req.c +++ b/apps/req.c @@ -824,7 +824,7 @@ loop: if ((x509ss=X509_new()) == NULL) goto end; /* Set version to V3 */ - if(!X509_set_version(x509ss, 2)) goto end; + if(extensions && !X509_set_version(x509ss, 2)) goto end; if (serial) { if (!X509_set_serialNumber(x509ss, serial)) goto end; diff --git a/apps/speed.c b/apps/speed.c index ec55b4188c..18ce5c3fb6 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1006,6 +1006,9 @@ int MAIN(int argc, char **argv) c[D_CBC_RC5][0]=count; c[D_CBC_BF][0]=count; c[D_CBC_CAST][0]=count; + c[D_CBC_128_AES][0]=count; + c[D_CBC_192_AES][0]=count; + c[D_CBC_256_AES][0]=count; for (i=1; i<SIZE_NUM; i++) { @@ -1031,6 +1034,9 @@ int MAIN(int argc, char **argv) c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1; c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1; c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1; + c[D_CBC_128_AES][i]=c[D_CBC_128_AES][i-1]*l0/l1; + c[D_CBC_192_AES][i]=c[D_CBC_192_AES][i-1]*l0/l1; + c[D_CBC_256_AES][i]=c[D_CBC_256_AES][i-1]*l0/l1; } #ifndef OPENSSL_NO_RSA rsa_c[R_RSA_512][0]=count/2000; diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index e21648a320..65db1dfcd6 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -50,7 +50,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER) top: @(cd ..; $(MAKE) DIRS=$(DIR) all) -all: buildinf.h lib subdirs shared +all: shared buildinf.h: ../Makefile.ssl ( echo "#ifndef MK1MF_BUILD"; \ @@ -96,7 +96,7 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -shared: +shared: buildinf.h lib subdirs if [ -n "$(SHARED_LIBS)" ]; then \ (cd ..; $(MAKE) $(SHARED_LIB)); \ fi diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index 8abfdfe598..bde666a6ff 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -285,7 +285,7 @@ const static signed char tag2nbyte[] = { -1, -1, 0, -1, /* 10-13 */ -1, -1, -1, -1, /* 15-17 */ -1, 1, 1, /* 18-20 */ - -1, 1, -1,-1, /* 21-24 */ + -1, 1, 1, 1, /* 21-24 */ -1, 1, -1, /* 25-27 */ 4, -1, 2 /* 28-30 */ }; diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl index bb14a0ee82..b6124cf10f 100644 --- a/crypto/bf/Makefile.ssl +++ b/crypto/bf/Makefile.ssl @@ -22,6 +22,7 @@ BF_ENC= bf_enc.o #DES_ENC= bx86-elf.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=bftest.c diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c index 2cfc689dd6..0fd5e4ee2a 100644 --- a/crypto/bio/b_print.c +++ b/crypto/bio/b_print.c @@ -652,8 +652,8 @@ fmtfp( (caps ? "0123456789ABCDEF" : "0123456789abcdef")[intpart % 10]; intpart = (intpart / 10); - } while (intpart && (iplace < sizeof iplace)); - if (iplace == sizeof iplace) + } while (intpart && (iplace < sizeof iconvert)); + if (iplace == sizeof iconvert) iplace--; iconvert[iplace] = 0; @@ -664,7 +664,7 @@ fmtfp( : "0123456789abcdef")[fracpart % 10]; fracpart = (fracpart / 10); } while (fplace < max); - if (fplace == sizeof fplace) + if (fplace == sizeof fconvert) fplace--; fconvert[fplace] = 0; diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl index 33f6125920..c4de4a2bee 100644 --- a/crypto/bn/asm/bn-586.pl +++ b/crypto/bn/asm/bn-586.pl @@ -11,7 +11,7 @@ require "x86asm.pl"; &bn_div_words("bn_div_words"); &bn_add_words("bn_add_words"); &bn_sub_words("bn_sub_words"); -&bn_sub_part_words("bn_sub_part_words"); +#&bn_sub_part_words("bn_sub_part_words"); &asm_finish(); diff --git a/crypto/cast/Makefile.ssl b/crypto/cast/Makefile.ssl index 70c47bf8e6..d1b2bafd38 100644 --- a/crypto/cast/Makefile.ssl +++ b/crypto/cast/Makefile.ssl @@ -25,6 +25,7 @@ CAST_ENC=c_enc.o #CAST_ENC=asm/cx86bdsi.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=casttest.c diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index edcc08921c..8ceab6a21f 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -576,12 +576,12 @@ char *CONF_get1_default_config_file(void) * be used to parse comma separated lists for example. */ -int CONF_parse_list(const char *list, int sep, int nospc, +int CONF_parse_list(const char *list_, int sep, int nospc, int (*list_cb)(const char *elem, int len, void *usr), void *arg) { int ret; const char *lstart, *tmpend, *p; - lstart = list; + lstart = list_; for(;;) { diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl index 548573f4b1..4a04955458 100644 --- a/crypto/des/Makefile.ssl +++ b/crypto/des/Makefile.ssl @@ -22,6 +22,7 @@ DES_ENC= des_enc.o fcrypt_b.o #DES_ENC= dx86-elf.o yx86-elf.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=destest.c diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c index 0d7dae00b2..7ccf7022ee 100644 --- a/crypto/engine/eng_fat.c +++ b/crypto/engine/eng_fat.c @@ -107,14 +107,14 @@ static int int_def_cb(const char *alg, int len, void *arg) } -int ENGINE_set_default_string(ENGINE *e, const char *list) +int ENGINE_set_default_string(ENGINE *e, const char *def_list) { unsigned int flags = 0; - if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags)) + if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) { ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING, ENGINE_R_INVALID_STRING); - ERR_add_error_data(2, "str=",list); + ERR_add_error_data(2, "str=",def_list); return 0; } return ENGINE_set_default(e, flags); diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 9c3ab182d3..900f75ce8d 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -513,7 +513,7 @@ ENGINE *ENGINE_get_digest_engine(int nid); * structure will have had its reference count up'd so the caller * should still free their own reference 'e'. */ int ENGINE_set_default_RSA(ENGINE *e); -int ENGINE_set_default_string(ENGINE *e, const char *list); +int ENGINE_set_default_string(ENGINE *e, const char *def_list); /* Same for the other "methods" */ int ENGINE_set_default_DSA(ENGINE *e); int ENGINE_set_default_DH(ENGINE *e); @@ -616,17 +616,20 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, const dynamic_fns *fns); #define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ - if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ - fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ - return 0; \ - CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ - CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ - CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ - CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ - CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ - if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ - return 0; \ - if(!ERR_set_implementation(fns->err_fns)) return 0; \ + if (ERR_get_implementation() != fns->err_fns) \ + { \ + if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ + fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ + return 0; \ + CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ + CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ + CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ + CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ + CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ + if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ + return 0; \ + if(!ERR_set_implementation(fns->err_fns)) return 0; \ + } \ if(!fn(e,id)) return 0; \ return 1; } diff --git a/crypto/engine/hw_cryptodev.c b/crypto/engine/hw_cryptodev.c index b0ac5fb04a..be80890ece 100644 --- a/crypto/engine/hw_cryptodev.c +++ b/crypto/engine/hw_cryptodev.c @@ -1058,14 +1058,17 @@ ENGINE_load_cryptodev(void) if (engine == NULL) return; - if ((fd = get_dev_crypto()) < 0) + if ((fd = get_dev_crypto()) < 0) { + ENGINE_free(engine); return; + } /* * find out what asymmetric crypto algorithms we support */ if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { close(fd); + ENGINE_free(engine); return; } close(fd); diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index be0758a879..8ea5aa935d 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -148,7 +148,19 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp #endif ctx->cipher=cipher; - ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); + if (ctx->cipher->ctx_size) + { + ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); + if (!ctx->cipher_data) + { + EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE); + return 0; + } + } + else + { + ctx->cipher_data = NULL; + } ctx->key_len = cipher->key_len; ctx->flags = 0; if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) diff --git a/crypto/mem.c b/crypto/mem.c index bb862db499..dd86733b77 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -252,7 +252,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) void *ret = NULL; extern unsigned char cleanse_ctr; - if (num < 0) return NULL; + if (num <= 0) return NULL; allow_customize = 0; if (malloc_debug_func != NULL) @@ -293,7 +293,7 @@ void *CRYPTO_malloc(int num, const char *file, int line) void *ret = NULL; extern unsigned char cleanse_ctr; - if (num < 0) return NULL; + if (num <= 0) return NULL; allow_customize = 0; if (malloc_debug_func != NULL) @@ -324,7 +324,7 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) if (str == NULL) return CRYPTO_malloc(num, file, line); - if (num < 0) return NULL; + if (num <= 0) return NULL; if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); @@ -346,7 +346,7 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, if (str == NULL) return CRYPTO_malloc(num, file, line); - if (num < 0) return NULL; + if (num <= 0) return NULL; if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl index b210b42f8f..59c87f166a 100644 --- a/crypto/rc4/Makefile.ssl +++ b/crypto/rc4/Makefile.ssl @@ -25,6 +25,7 @@ RC4_ENC=rc4_enc.o #RC4_ENC=asm/rx86bdsi.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=rc4test.c diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl index 3ad6655946..e7af80f0c0 100644 --- a/crypto/rc5/Makefile.ssl +++ b/crypto/rc5/Makefile.ssl @@ -22,6 +22,7 @@ RC5_ENC= rc5_enc.o #DES_ENC= r586-elf.o CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=rc5test.c diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl index 703e99056a..b333edc522 100644 --- a/crypto/ripemd/Makefile.ssl +++ b/crypto/ripemd/Makefile.ssl @@ -20,6 +20,7 @@ AR= ar r RIP_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=rmdtest.c diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl index 55dca66e40..dbd41e6065 100644 --- a/crypto/sha/Makefile.ssl +++ b/crypto/sha/Makefile.ssl @@ -20,6 +20,7 @@ AR= ar r SHA1_ASM_OBJ= CFLAGS= $(INCLUDES) $(CFLAG) +ASFLAGS= $(INCLUDES) $(ASFLAG) GENERAL=Makefile TEST=shatest.c sha1test.c diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index eaad5685a8..8d0c7e2e17 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -810,10 +810,6 @@ X509_REQ *X509_REQ_dup(X509_REQ *req); X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); X509_NAME *X509_NAME_dup(X509_NAME *xn); X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); -#ifndef OPENSSL_NO_RSA -RSA *RSAPublicKey_dup(RSA *rsa); -RSA *RSAPrivateKey_dup(RSA *rsa); -#endif #endif /* !SSLEAY_MACROS */ diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c index f78c2a6b43..c25959a742 100644 --- a/crypto/x509/x509type.c +++ b/crypto/x509/x509type.c @@ -106,7 +106,7 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey) break; } - if (EVP_PKEY_size(pk) <= 512/8) /* /8 because it's 512 bits we look + if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look for, not bytes */ ret|=EVP_PKT_EXP; if(pkey==NULL) EVP_PKEY_free(pk); diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c index 894a8b94d8..f90829c574 100644 --- a/crypto/x509v3/v3_crld.c +++ b/crypto/x509v3/v3_crld.c @@ -156,7 +156,7 @@ ASN1_SEQUENCE(DIST_POINT) = { IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT) ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = - ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT) + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT) ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS) IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS) diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod index a56ee2b92f..f0b731731f 100644 --- a/doc/crypto/BIO_f_ssl.pod +++ b/doc/crypto/BIO_f_ssl.pod @@ -287,8 +287,8 @@ a client and also echoes the request to standard output. return 0; } - BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/html\r\n\r\n"); - BIO_puts(sbio, "<pre>\r\nConnection Established\r\nRequest headers:\r\n"); + BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n"); + BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n"); BIO_puts(sbio, "--------------------------------------------------\r\n"); for(;;) { @@ -301,7 +301,7 @@ a client and also echoes the request to standard output. } BIO_puts(sbio, "--------------------------------------------------\r\n"); - BIO_puts(sbio, "</pre>\r\n"); + BIO_puts(sbio, "\r\n"); /* Since there is a buffering BIO present we had better flush it */ BIO_flush(sbio); diff --git a/doc/crypto/d2i_DSAPublicKey.pod b/doc/crypto/d2i_DSAPublicKey.pod index 6ebd30427b..22c1b50f22 100644 --- a/doc/crypto/d2i_DSAPublicKey.pod +++ b/doc/crypto/d2i_DSAPublicKey.pod @@ -9,6 +9,7 @@ and parsing functions. =head1 SYNOPSIS #include <openssl/dsa.h> + #include <openssl/x509.h> DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); @@ -35,8 +36,8 @@ and parsing functions. d2i_DSAPublicKey() and i2d_DSAPublicKey() decode and encode the DSA public key components structure. -d2i_DSA_PUKEY() and i2d_DSA_PUKEY() decode and encode an DSA public key using a -SubjectPublicKeyInfo (certificate public key) structure. +d2i_DSA_PUBKEY() and i2d_DSA_PUBKEY() decode and encode an DSA public key using +a SubjectPublicKeyInfo (certificate public key) structure. d2i_DSAPrivateKey(), i2d_DSAPrivateKey() decode and encode the DSA private key components. diff --git a/doc/crypto/d2i_RSAPublicKey.pod b/doc/crypto/d2i_RSAPublicKey.pod index 7c71bcbf3d..279b29c873 100644 --- a/doc/crypto/d2i_RSAPublicKey.pod +++ b/doc/crypto/d2i_RSAPublicKey.pod @@ -9,6 +9,7 @@ d2i_Netscape_RSA - RSA public and private key encoding functions. =head1 SYNOPSIS #include <openssl/rsa.h> + #include <openssl/x509.h> RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); @@ -31,8 +32,8 @@ d2i_Netscape_RSA - RSA public and private key encoding functions. d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey structure. -d2i_RSA_PUKEY() and i2d_RSA_PUKEY() decode and encode an RSA public key using a -SubjectPublicKeyInfo (certificate public key) structure. +d2i_RSA_PUBKEY() and i2d_RSA_PUBKEY() decode and encode an RSA public key using +a SubjectPublicKeyInfo (certificate public key) structure. d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey structure. diff --git a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod index 2a98739114..42fa66b197 100644 --- a/doc/ssl/SSL_COMP_add_compression_method.pod +++ b/doc/ssl/SSL_COMP_add_compression_method.pod @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may return the following values: =over 4 -=item 1 +=item 0 The operation succeeded. -=item 0 +=item 1 The operation failed. Check the error queue to find out the reason. diff --git a/os2/OS2-EMX.cmd b/os2/OS2-EMX.cmd index acab99ac39..5924b50b6d 100644 --- a/os2/OS2-EMX.cmd +++ b/os2/OS2-EMX.cmd @@ -64,3 +64,39 @@ echo RC5\32 cd crypto\rc5\asm perl rc5-586.pl a.out > r5-os2.asm cd ..\..\.. + +cd os2 + +if exist noname\backward_ssl.def goto nomkdir +mkdir noname +:nomkdir + +perl backwardify.pl crypto.def >backward_crypto.def +perl backwardify.pl ssl.def >backward_ssl.def +perl backwardify.pl -noname crypto.def >noname\backward_crypto.def +perl backwardify.pl -noname ssl.def >noname\backward_ssl.def + +echo Creating backward compatibility forwarder dlls: +echo crypto.dll +gcc -Zomf -Zdll -Zcrtdll -o crypto.dll backward_crypto.def 2>&1 | grep -v L4085 +echo ssl.dll +gcc -Zomf -Zdll -Zcrtdll -o ssl.dll backward_ssl.def 2>&1 | grep -v L4085 + +echo Creating smaller backward compatibility forwarder dlls: +echo These DLLs are not good for runtime resolution of symbols. +echo noname\crypto.dll +gcc -Zomf -Zdll -Zcrtdll -o noname/crypto.dll noname/backward_crypto.def 2>&1 | grep -v L4085 +echo noname\ssl.dll +gcc -Zomf -Zdll -Zcrtdll -o noname/ssl.dll noname/backward_ssl.def 2>&1 | grep -v L4085 + +echo Compressing forwarders (it is ok if lxlite is not found): +lxlite *.dll noname/*.dll + +cd .. + +echo Now run: +echo For static build: +echo make -f OS2-EMX.mak +echo For dynamic build: +echo make -f OS2-EMX-DLL.mak +echo then rename crypto.dll to cryptssl.dll, ssl.dll to open_ssl.dll diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl index 5e428bb57f..e7b2a2947f 100644 --- a/ssl/Makefile.ssl +++ b/ssl/Makefile.ssl @@ -55,14 +55,14 @@ ALL= $(GENERAL) $(SRC) $(HEADER) top: (cd ..; $(MAKE) DIRS=$(DIR) all) -all: lib shared +all: shared lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) $(RANLIB) $(LIB) || echo Never mind. @touch lib -shared: +shared: lib if [ -n "$(SHARED_LIBS)" ]; then \ (cd ..; $(MAKE) $(SHARED_LIB)); \ fi diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index e4bb5e3f8b..1316dacfe2 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1957,7 +1957,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s) if (algs & SSL_kRSA) { if (rsa == NULL - || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) + || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) { SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY); goto f_err; @@ -1969,7 +1969,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s) if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) { if (dh == NULL - || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) + || DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) { SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY); goto f_err; @@ -1357,8 +1357,8 @@ const char *SSL_alert_type_string(int value); const char *SSL_alert_desc_string_long(int value); const char *SSL_alert_desc_string(int value); -void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list); -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list); +void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list); +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s); STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s); int SSL_add_client_CA(SSL *ssl,X509 *x); diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 38a458f9b8..127b86a21e 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -514,12 +514,12 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk) return(i); } -static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list) +static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *name_list) { if (*ca_list != NULL) sk_X509_NAME_pop_free(*ca_list,X509_NAME_free); - *ca_list=list; + *ca_list=name_list; } STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) @@ -541,14 +541,14 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) return(ret); } -void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list) +void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *name_list) { - set_client_CA_list(&(s->client_CA),list); + set_client_CA_list(&(s->client_CA),name_list); } -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list) +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *name_list) { - set_client_CA_list(&(ctx->client_CA),list); + set_client_CA_list(&(ctx->client_CA),name_list); } STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx) diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 585c70e4b3..8fc0d3e1b8 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -334,10 +334,10 @@ static unsigned long ssl_cipher_get_disabled(void) } static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, - int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list, + int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { - int i, list_num; + int i, co_list_num; SSL_CIPHER *c; /* @@ -348,18 +348,18 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, */ /* Get the initial list of ciphers */ - list_num = 0; /* actual count of ciphers */ + co_list_num = 0; /* actual count of ciphers */ for (i = 0; i < num_of_ciphers; i++) { c = ssl_method->get_cipher(i); /* drop those that use any of that is not available */ if ((c != NULL) && c->valid && !(c->algorithms & mask)) { - list[list_num].cipher = c; - list[list_num].next = NULL; - list[list_num].prev = NULL; |