diff options
| author | Matt Caswell <matt@openssl.org> | 2015-05-12 12:14:13 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-05-13 15:08:10 +0100 |
| commit | e36827f6d10ed64abb1b374b6f11b79225d04205 (patch) | |
| tree | 43f81b81c0ba112dd6e5d231ec50e5c1e9806a18 | |
| parent | 60b3d36df3625fad66b53ccc32dc31818cf3048e (diff) | |
Remove remaining Kerberos references
Following on from the removal of libcrypto and libssl support for Kerberos
this commit removes all remaining references to Kerberos.
Reviewed-by: Rich Salz <rsalz@openssl.org>
| -rwxr-xr-x | Configure | 103 | ||||
| -rw-r--r-- | INSTALL.VMS | 2 | ||||
| -rw-r--r-- | Makefile.org | 8 | ||||
| -rwxr-xr-x | config | 21 | ||||
| -rw-r--r-- | crypto/crypto-lib.com | 3 | ||||
| -rwxr-xr-x | crypto/install-crypto.com | 3 | ||||
| -rw-r--r-- | doc/standards.txt | 3 | ||||
| -rw-r--r-- | include/openssl/safestack.h | 50 | ||||
| -rw-r--r-- | include/openssl/store.h | 3 | ||||
| -rwxr-xr-x | makevms.com | 9 | ||||
| -rw-r--r-- | test/Makefile | 11 | ||||
| -rwxr-xr-x | util/clean-depend.pl | 2 | ||||
| -rwxr-xr-x | util/domd | 4 | ||||
| -rw-r--r-- | util/indent.pro | 31 | ||||
| -rwxr-xr-x | util/libeay.num | 132 | ||||
| -rwxr-xr-x | util/mk1mf.pl | 25 | ||||
| -rwxr-xr-x | util/mkdef.pl | 7 | ||||
| -rwxr-xr-x | util/mkfiles.pl | 1 |
18 files changed, 113 insertions, 305 deletions
@@ -14,7 +14,7 @@ use File::Spec::Functions; # see INSTALL for instructions. -my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n"; # Options: # @@ -30,18 +30,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta # default). This needn't be set in advance, you can # just as well use "make INSTALL_PREFIX=/whatever install". # -# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected -# to live in the subdirectory lib/ and the header files in -# include/. A value is required. -# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is -# required. -# (Default: KRB5_DIR/lib) -# --with-krb5-include Declare where the Kerberos 5 header files live. A -# value is required. -# (Default: KRB5_DIR/include) -# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently -# supported values are "MIT" and "Heimdal". A value is required. -# # --test-sanity Make a number of sanity checks on the data in this file. # This is a debugging tool for OpenSSL developers. # @@ -59,7 +47,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta # no-asm do not use assembler # no-dso do not compile in any native shared-library methods. This # will ensure that all methods just return NULL. -# no-krb5 do not compile in any KRB5 library or code. # [no-]zlib [don't] compile support for zlib compression. # zlib-dynamic Like "zlib", but the zlib library is expected to be a shared # library and will be loaded in run-time by the OpenSSL library. @@ -782,7 +769,6 @@ my $no_threads=0; my $threads=0; my $no_shared=0; # but "no-shared" is default my $zlib=1; # but "no-zlib" is default -my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used my $no_rfc3779=1; # but "no-rfc3779" is default my $no_asm=0; my $no_dso=0; @@ -856,7 +842,6 @@ my $openssl_thread_defines; my $openssl_sys_defines=""; my $openssl_other_defines; my $libs; -my $libkrb5=""; my $target; my $options; my $make_depend=0; @@ -1005,10 +990,6 @@ PROCESS_ARGS: { $install_prefix=$1; } - elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/) - { - $withargs{"krb5-".$1}=$2; - } elsif (/^--with-zlib-lib=(.*)$/) { $withargs{"zlib-lib"}=$1; @@ -1076,11 +1057,6 @@ if ($processor eq "386") $disabled{"sse2"} = "forced"; } -if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "") - { - $disabled{"krb5"} = "krb5-flavor not specified"; - } - if (!defined($disabled{"zlib-dynamic"})) { # "zlib-dynamic" was specifically enabled, so enable "zlib" @@ -1223,19 +1199,14 @@ foreach (sort (keys %disabled)) $openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n"; print " OPENSSL_NO_$ALGO"; - if (/^krb5$/) - { $no_krb5 = 1; } - else - { - push @skip, $algo; - # fix-up crypto/directory name(s) - $skip[$#skip]="whrlpool" if $algo eq "whirlpool"; - $skip[$#skip]="ripemd" if $algo eq "rmd160"; + push @skip, $algo; + # fix-up crypto/directory name(s) + $skip[$#skip]="whrlpool" if $algo eq "whirlpool"; + $skip[$#skip]="ripemd" if $algo eq "rmd160"; - print " (skip dir)"; + print " (skip dir)"; - $depflags .= " -DOPENSSL_NO_$ALGO"; - } + $depflags .= " -DOPENSSL_NO_$ALGO"; } } @@ -1354,62 +1325,6 @@ my $no_user_cflags=0; if ($flags ne "") { $cflags="$flags$cflags"; } else { $no_user_cflags=1; } -# Kerberos settings. The flavor must be provided from outside, either through -# the script "config" or manually. -if (!$no_krb5) - { - my ($lresolv, $lpath, $lext); - if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/) - { - die "Sorry, Heimdal is currently not supported\n"; - } - ##### HACK to force use of Heimdal. - ##### WARNING: Since we don't really have adequate support for Heimdal, - ##### using this will break the build. You'll have to make - ##### changes to the source, and if you do, please send - ##### patches to openssl-dev@openssl.org - if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/) - { - warn "Heimdal isn't really supported. Your build WILL break\n"; - warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n"; - $withargs{"krb5-dir"} = "/usr/heimdal" - if $withargs{"krb5-dir"} eq ""; - $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. - "/lib -lgssapi -lkrb5 -lcom_err" - if $withargs{"krb5-lib"} eq "" && !$IsMK1MF; - $cflags="-DKRB5_HEIMDAL $cflags"; - } - if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/) - { - $withargs{"krb5-dir"} = "/usr/kerberos" - if $withargs{"krb5-dir"} eq ""; - $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}. - "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto" - if $withargs{"krb5-lib"} eq "" && !$IsMK1MF; - $cflags="-DKRB5_MIT $cflags"; - $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//; - if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/) - { - $cflags="-DKRB5_MIT_OLD11 $cflags"; - } - } - LRESOLV: - foreach $lpath ("/lib", "/usr/lib") - { - foreach $lext ("a", "so") - { - $lresolv = "$lpath/libresolv.$lext"; - last LRESOLV if (-r "$lresolv"); - $lresolv = ""; - } - } - $withargs{"krb5-lib"} .= " -lresolv" - if ("$lresolv" ne ""); - $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include" - if $withargs{"krb5-include"} eq "" && - $withargs{"krb5-dir"} ne ""; - } - # The DSO code currently always implements all functions so that no # applications will have to worry about that from a compilation point # of view. However, the "method"s may return zero unless that platform @@ -1827,8 +1742,6 @@ while (<IN>) s/^PROCESSOR=.*/PROCESSOR= $processor/; s/^ARFLAGS=.*/ARFLAGS= $arflags/; s/^PERL=.*/PERL= $perl/; - s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; - s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/; s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/; s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/; @@ -1887,8 +1800,6 @@ print "PROCESSOR =$processor\n"; print "RANLIB =$ranlib\n"; print "ARFLAGS =$arflags\n"; print "PERL =$perl\n"; -print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n" - if $withargs{"krb5-include"} ne ""; my $des_ptr=0; my $des_risc1=0; diff --git a/INSTALL.VMS b/INSTALL.VMS index 132b2e7173..084b279da8 100644 --- a/INSTALL.VMS +++ b/INSTALL.VMS @@ -134,7 +134,7 @@ Currently, the logical names supported are: disabling it is supported. Supported algorithms to do this with are: AES, BF, CAMELLIA, CAST, CMS, COMP, DES, DGRAM, DH, DSA, EC, EC2M, ECDH, ECDSA, ENGINE, - ERR, GOST, HEARTBEATS, HMAC, IDEA, KRB5, MD2, MD4, + ERR, GOST, HEARTBEATS, HMAC, IDEA, MD2, MD4, MD5, OCB, OCSP, PSK, RC2, RC4, RC5, RMD160, RSA, SCTP, SEED, SOCK, SRP, SRTP, TLSEXT, WHIRLPOOL. So, for example, having the logical name OPENSSL_NO_RSA with diff --git a/Makefile.org b/Makefile.org index 6e32d5beb6..69baf489cb 100644 --- a/Makefile.org +++ b/Makefile.org @@ -219,7 +219,6 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \ DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \ MAKEDEPPROG='$(MAKEDEPPROG)' \ SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \ - KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \ ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \ EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \ SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \ @@ -340,9 +339,6 @@ build-shared: do_$(SHLIB_TARGET) link-shared do_$(SHLIB_TARGET): @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \ - if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \ - libs="$(LIBKRB5) $$libs"; \ - fi; \ $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \ LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \ LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \ @@ -363,7 +359,7 @@ libcrypto.pc: Makefile echo 'Requires: '; \ echo 'Libs: -L$${libdir} -lcrypto'; \ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc + echo 'Cflags: -I$${includedir}' ) > libcrypto.pc libssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ @@ -377,7 +373,7 @@ libssl.pc: Makefile echo 'Requires.private: libcrypto'; \ echo 'Libs: -L$${libdir} -lssl'; \ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc + echo 'Cflags: -I$${includedir}' ) > libssl.pc openssl.pc: Makefile @ ( echo 'prefix=$(INSTALLTOP)'; \ @@ -873,27 +873,6 @@ do fi done -# Discover Kerberos 5 (since it's still a prototype, we don't -# do any guesses yet, that's why this section is commented away. -#if [ -d /usr/kerberos ]; then -# krb5_dir=/usr/kerberos -# if [ \( -f $krb5_dir/lib/libgssapi_krb5.a -o -f $krb5_dir/lib/libgssapi_krb5.so* \)\ -# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\ -# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\ -# -a \( -f $krb5_dir/lib/libk5crypto.a -o -f $krb5_dir/lib/libk5crypto.so* \)\ -# -a \( -f $krb5_dir/include/krb5.h \) ]; then -# options="$options --with-krb5-flavor=MIT" -# fi -#elif [ -d /usr/heimdal ]; then -# krb5_dir=/usr/heimdal -# if [ \( -f $krb5_dir/lib/libgssapi.a -o -f $krb5_dir/lib/libgssapi.so* \)\ -# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\ -# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\ -# -a \( -f $krb5_dir/include/krb5.h \) ]; then -# options="$options --with-krb5-flavor=Heimdal" -# fi -#fi - if [ -z "$OUT" ]; then OUT="$CC" fi diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index 02f874190c..5a2694dcfa 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -127,7 +127,7 @@ $ ENCRYPT_TYPES = "Basic,"+ - "DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ - "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ - "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - - "EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - + "EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,"+ - "CMS,PQUEUE,TS,JPAKE,SRP,STORE,CMAC" $ ENDIF $! @@ -343,7 +343,6 @@ $ LIB_COMP = "comp_lib,comp_err,"+ - $ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ - "ocsp_srv,ocsp_prn,ocsp_vfy,ocsp_err,v3_ocsp" $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util" -$ LIB_KRB5 = "krb5_asn" $ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ - "cms_pwri,cms_kari" diff --git a/crypto/install-crypto.com b/crypto/install-crypto.com index 7734f945a8..5b011f6c02 100755 --- a/crypto/install-crypto.com +++ b/crypto/install-crypto.com @@ -80,7 +80,7 @@ $ sdirs := , - bn, ec, rsa, dsa, ecdsa, dh, ecdh, dso, engine, - buffer, bio, stack, lhash, rand, err, - evp, asn1, pem, x509, x509v3, conf, txt_db, pkcs7, pkcs12, comp, ocsp, - - ui, krb5, - + ui, - cms, pqueue, ts, jpake, srp, store, cmac $! $ exheader_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h @@ -132,7 +132,6 @@ $ exheader_pkcs12 := pkcs12.h $ exheader_comp := comp.h $ exheader_ocsp := ocsp.h $ exheader_ui := ui.h -$ exheader_krb5 := krb5_asn.h $ exheader_cms := cms.h $ exheader_pqueue := pqueue.h $ exheader_ts := ts.h diff --git a/doc/standards.txt b/doc/standards.txt index 691fafedde..d28b167d4a 100644 --- a/doc/standards.txt +++ b/doc/standards.txt @@ -34,9 +34,6 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. 2560 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP -2712 Addition of Kerberos Cipher Suites to Transport Layer Security - (TLS) - 2898 PKCS #5: Password-Based Cryptography Specification Version 2.0 2986 PKCS #10: Certification Request Syntax Specification Version 1.7 diff --git a/include/openssl/safestack.h b/include/openssl/safestack.h index 388f4094ce..9e10c108cb 100644 --- a/include/openssl/safestack.h +++ b/include/openssl/safestack.h @@ -2068,6 +2068,31 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) # define sk_void_sort(st) SKM_sk_sort(void, (st)) # define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st)) +# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) +# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) +# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i)) +# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) +# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)) +# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))) +# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) +# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) +# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) +# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) +# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) +# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) +# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) +# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ + ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ + sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) +# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) +# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) +# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st)) +# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) +# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) + # define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp))) # define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) # define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) @@ -2118,31 +2143,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) # define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st)) # define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st)) -# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) -# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i)) -# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) -# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)) -# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))) -# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) -# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) -# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) -# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) -# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) -# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) -# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) -# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ - ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) -# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) -# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st)) -# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) -# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) - # define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj) # define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst) # define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst) diff --git a/include/openssl/store.h b/include/openssl/store.h index cd07b26d4b..b732eefa52 100644 --- a/include/openssl/store.h +++ b/include/openssl/store.h @@ -180,8 +180,7 @@ typedef enum STORE_params { STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */ STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */ STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */ - STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */ - STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */ + STORE_PARAM_TYPE_NUM = 0x05 /* The amount of known parameter types */ } STORE_PARAM_TYPES; /* * Parameter value sizes. -1 means unknown, anything else is the required diff --git a/makevms.com b/makevms.com index fc7c0a44de..37efdc8041 100755 --- a/makevms.com +++ b/makevms.com @@ -249,7 +249,7 @@ $ SDIRS := - des,aes,rc2,rc4,rc5,idea,bf,cast,camellia,seed,modes,- bn,ec,rsa,dsa,ecdsa,dh,ecdh,dso,engine,- buffer,bio,stack,lhash,rand,err,- - evp,asn1,pem,x509,x509v3,conf,txt_db,pkcs7,pkcs12,comp,ocsp,ui,krb5,- + evp,asn1,pem,x509,x509v3,conf,txt_db,pkcs7,pkcs12,comp,ocsp,ui,- cms,pqueue,ts,jpake,srp,store,cmac $ $! One of the best way to figure out what the list should be is to do @@ -281,7 +281,6 @@ $ CONFIG_LOGICALS := AES,- HMAC,- IDEA,- JPAKE,- - KRB5,- MD2,- MD4,- MD5,- @@ -339,7 +338,6 @@ $ CONFIG_DISABLE_RULES := RIJNDAEL/AES;- DH/GOST;- TLSEXT/SRP,HEARTBEAT;- /STATIC_ENGINE;- - /KRB5;- /DEPRECATED;- /EC_NISTP_64_GCC_128;- /GMP;- @@ -774,7 +772,7 @@ $ HEADER_SDIRS := , - BN, EC, RSA, DSA, ECDSA, DH, ECDH, DSO, ENGINE, - BUFFER, BIO, STACK, LHASH, RAND, ERR, - EVP, ASN1, PEM, X509, X509V3, CONF, TXT_DB, PKCS7, PKCS12, - - COMP, OCSP, UI, KRB5, - + COMP, OCSP, UI, - CMS, PQUEUE, TS, JPAKE, SRP, STORE, CMAC $! $ EXHEADER_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h @@ -826,7 +824,6 @@ $ EXHEADER_PKCS12 := pkcs12.h $ EXHEADER_COMP := comp.h $ EXHEADER_OCSP := ocsp.h $ EXHEADER_UI := ui.h -$ EXHEADER_KRB5 := krb5_asn.h $ EXHEADER_CMS := cms.h $ EXHEADER_PQUEUE := pqueue.h $ EXHEADER_TS := ts.h @@ -850,7 +847,7 @@ $! $! Copy All The ".H" Files From The [.SSL] Directory. $! $! (keep these in the same order as ssl/Makefile) -$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h +$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, srtp.h $ copy sys$disk:[.ssl]'exheader' sys$disk:[.include.openssl] $! $! Purge the [.include.openssl] header files. diff --git a/test/Makefile b/test/Makefile index 695bb3273f..4c1d9d0393 100644 --- a/test/Makefile +++ b/test/Makefile @@ -5,13 +5,10 @@ DIR= test TOP= .. CC= cc -INCLUDES= -I$(TOP) -I../include -I../crypto/include $(KRB5_INCLUDES) -I$(TOP)/fips +INCLUDES= -I$(TOP) -I../include -I../crypto/include -I$(TOP)/fips CFLAG= -g MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) PERL= perl -# KRB5 stuff -KRB5_INCLUDES= -LIBKRB5= PEX_LIBS= EX_LIBS= #-lnsl -lsocket @@ -419,14 +416,14 @@ $(DLIBCRYPTO): BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ shlib_target="$(SHLIB_TARGET)"; \ fi; \ - LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ + LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \ $(MAKE) -f $(TOP)/Makefile.shared -e \ APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o $$testutil" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ link_app.$${shlib_target} BUILD_CMD_STATIC=shlib_target=; \ - LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \ + LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO)"; \ $(MAKE) -f $(TOP)/Makefile.shared -e \ APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o $$testutil" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ @@ -478,7 +475,7 @@ FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ FIPS_CRYPTO_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ shlib_target="$(SHLIB_TARGET)"; \ fi; \ - LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ + LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \ if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \ FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ fi; \ diff --git a/util/clean-depend.pl b/util/clean-depend.pl index d3525b0ed0..04d86b6d09 100755 --- a/util/clean-depend.pl +++ b/util/clean-depend.pl @@ -23,8 +23,6 @@ while(<STDIN>) { @deps=grep(!/^\//,@deps); @deps=grep(!/^\\$/,@deps); @deps=grep(!/^$origfile$/,@deps); -# pull out the kludged kerberos header (if present). - @deps=grep(!/^[.\/]+\/krb5.h/,@deps); push @{$files{$thisfile}},@deps; } @@ -12,8 +12,6 @@ fi if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi cp Makefile Makefile.save -# fake the presence of Kerberos -touch $TOP/krb5.h if expr "$MAKEDEPEND" : '.*cc' > /dev/null; then args="" while [ $# -gt 0 ]; do @@ -32,7 +30,5 @@ else RC=$? fi mv Makefile.new Makefile -# unfake the presence of Kerberos -rm $TOP/krb5.h exit $RC diff --git a/util/indent.pro b/util/indent.pro index 2a7c1b7b44..5a6d452924 100644 --- a/util/indent.pro +++ b/util/indent.pro @@ -305,14 +305,6 @@ -T JPAKE_STEP_PART -T JPAKE_ZKP -T KEY_TABLE_TYPE --T KRB5_APREQBODY --T KRB5_AUTHDATA --T KRB5_AUTHENTBODY --T KRB5_CHECKSUM --T KRB5_ENCDATA --T KRB5_ENCKEY --T KRB5_PRINCNAME --T KRB5_TKTBODY -T LHASH -T LHASH_COMP_FN_TYPE -T LHASH_DOALL_ARG_FN_TYPE @@ -650,9 +642,6 @@ -T STACK_OF_GENERAL_SUBTREE_ -T STACK_OF_IPAddressFamily_ -T STACK_OF_IPAddressOrRange_ --T STACK_OF_KRB5_APREQBODY_ --T STACK_OF_KRB5_AUTHENTBODY_ --T STACK_OF_KRB5_TKTBODY_ -T STACK_OF_MEM_OBJECT_DATA_ -T STACK_OF_MIME_HEADER_ -T STACK_OF_MIME_PARAM_ @@ -719,26 +708,6 @@ -T clock_t -T custom_ext_methods -T hm_fragment --T krb5_auth_context --T krb5_authdata --T KRB5_CALLCONV --T krb5_ccache --T krb5_context --T krb5_creds --T krb5_data --T krb5_deltat --T krb5_flags --T krb5_int32 --T krb5_keyblock --T krb5_keytab --T krb5_keytab_entry --T krb5_octet --T krb5_principal --T krb5_principal_data --T krb5_rcache --T krb5_ticket --T krb5_ticket_times --T krb5_timestamp -T record_pqueue -T ssl_ctx_st -T ssl_flag_tbl diff --git a/util/libeay.num b/util/libeay.num index b3dcd5d978..d41686fea4 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -1950,8 +1950,8 @@ ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI ENGINE_unregister_ciphers 2528 EXIST::FUNCTION:ENGINE ENGINE_get_ciphers 2529 EXIST::FUNCTION:ENGINE d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION: -KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_CHECKSUM_it 2531 NOEXIST::FUNCTION: +KRB5_CHECKSUM_it 2531 NOEXIST::FUNCTION: EC_POINT_add 2532 EXIST::FUNCTION:EC ASN1_item_ex_i2d 2533 EXIST::FUNCTION: OCSP_CERTID_it 2534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: @@ -1982,8 +1982,8 @@ OCSP_SIGNATURE_it 2554 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI X509_CRL_it 2555 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: X509_CRL_it 2555 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: OCSP_BASICRESP_add_ext 2556 EXIST::FUNCTION: -KRB5_ENCKEY_it 2557 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -KRB5_ENCKEY_it 2557 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +KRB5_ENCKEY_it 2557 NOEXIST::FUNCTION: +KRB5_ENCKEY_it 2557 NOEXIST::FUNCTION: UI_method_set_closer 2558 EXIST::FUNCTION: X509_STORE_set_purpose 2559 EXIST::FUNCTION: i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION: @@ -1996,11 +1996,11 @@ _ossl_old_des_random_key 2566 NOEXIST::FUNCTION: ASN1_T61STRING_it 2567 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: ASN1_T61STRING_it 2567 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: EC_GROUP_method_of 2568 EXIST::FUNCTION:EC -i2d_KRB5_APREQ 2569 EXIST::FUNCTION: +i2d_KRB5_APREQ 2569 NOEXIST::FUNCTION: _ossl_old_des_encrypt 2570 NOEXIST::FUNCTION: ASN1_PRINTABLE_new 2571 EXIST::FUNCTION: HMAC_Init_ex 2572 EXIST::FUNCTION: -d2i_KRB5_AUTHENT 2573 EXIST::FUNCTION: +d2i_KRB5_AUTHENT 2573 NOEXIST::FUNCTION: OCSP_archive_cutoff_new 2574 EXIST::FUNCTION: EC_POINT_set_Jprojective_coordinates_GFp 2575 EXIST:!VMS:FUNCTION:EC EC_POINT_set_Jproj_coords_GFp 2575 EXIST:VMS:FUNCTION:EC @@ -2017,11 +2017,11 @@ ENGINE_register_DH 2584 EXIST::FUNCTION:ENGINE UI_construct_prompt 2585 EXIST::FUNCTION: X509_STORE_set_trust 2586 EXIST::FUNCTION: UI_dup_input_string 2587 EXIST::FUNCTION: -d2i_KRB5_APREQ 2588 EXIST::FUNCTION: +d2i_KRB5_APREQ 2588 NOEXIST::FUNCTION: EVP_MD_CTX_copy_ex 2589 EXIST::FUNCTION: OCSP_request_is_signed 2590 EXIST::FUNCTION: i2d_OCSP_REQINFO 2591 EXIST::FUNCTION: -KRB5_ENCKEY_free 2592 EXIST::FUNCTION: +KRB5_ENCKEY_free 2592 NOEXIST::FUNCTION: OCSP_resp_get0 2593 EXIST::FUNCTION: GENERAL_NAME_it 2594 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: GENERAL_NAME_it 2594 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2059,10 +2059,10 @@ ENGINE_register_ciphers 2620 EXIST::FUNCTION:ENGINE BN_mod_lshift_quick 2621 EXIST::FUNCTION: DSO_set_filename 2622 EXIST::FUNCTION: ASN1_item_free 2623 EXIST::FUNCTION: -KRB5_TKTBODY_free 2624 EXIST::FUNCTION: +KRB5_TKTBODY_free 2624 NOEXIST::FUNCTION: AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -KRB5_APREQBODY_new 2626 EXIST::FUNCTION: +KRB5_APREQBODY_new 2626 NOEXIST::FUNCTION: X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION: ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION:ENGINE i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION: @@ -2071,7 +2071,7 @@ EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION: PKCS7_ATTR_SIGN_it 2632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: UI_add_error_string 2633 EXIST::FUNCTION: -KRB5_CHECKSUM_free 2634 EXIST::FUNCTION: +KRB5_CHECKSUM_free 2634 NOEXIST::FUNCTION: OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION: ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE @@ -2085,7 +2085,7 @@ X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: ASN1_STRING_encode 2643 NOEXIST::FUNCTION: EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES -KRB5_AUTHENT_free 2645 EXIST::FUNCTION: +KRB5_AUTHENT_free 2645 NOEXIST::FUNCTION: OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION: OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION: OCSP_cert_status_str 2647 EXIST::FUNCTION: @@ -2113,7 +2113,7 @@ ENGINE_unregister_DSA 2665 EXIST::FUNCTION:ENGINE _ossl_old_des_key_sched 2666 NOEXIST::FUNCTION: X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_KRB5_AUTHENT 2668 EXIST::FUNCTION: +i2d_KRB5_AUTHENT 2668 NOEXIST::FUNCTION: SXNETID_it 2669 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: SXNETID_it 2669 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: d2i_OCSP_SINGLERESP 2670 EXIST::FUNCTION: @@ -2123,7 +2123,7 @@ _ossl_old_des_ofb64_encrypt 2673 NOEXIST::FUNCTION: d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION: ERR_print_errors_cb 2675 EXIST::FUNCTION: ENGINE_set_ciphers 2676 EXIST::FUNCTION:ENGINE -d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION: |