diff options
| -rwxr-xr-x | Configure | 5 | ||||
| -rw-r--r-- | crypto/asn1/x_x509.c | 4 | ||||
| -rw-r--r-- | crypto/x509/x509_vfy.c | 2 | ||||
| -rw-r--r-- | crypto/x509v3/ext_dat.h | 2 | ||||
| -rw-r--r-- | crypto/x509v3/v3_addr.c | 3 | ||||
| -rw-r--r-- | crypto/x509v3/v3_asid.c | 3 | ||||
| -rw-r--r-- | crypto/x509v3/v3_purp.c | 4 | ||||
| -rw-r--r-- | include/openssl/x509.h | 2 | ||||
| -rw-r--r-- | include/openssl/x509v3.h | 2 | ||||
| -rwxr-xr-x | makevms.com | 1 | ||||
| -rwxr-xr-x | util/libeay.num | 134 | ||||
| -rwxr-xr-x | util/mkdef.pl | 6 |
12 files changed, 97 insertions, 71 deletions
@@ -769,7 +769,7 @@ my $no_threads=0; my $threads=0; my $no_shared=0; # but "no-shared" is default my $zlib=1; # but "no-zlib" is default -my $no_rfc3779=1; # but "no-rfc3779" is default +my $no_rfc3779=0; my $no_asm=0; my $no_dso=0; my $no_gmp=0; @@ -806,7 +806,6 @@ my %disabled = ( # "what" => "comment" [or special keyword "experimental "jpake" => "experimental", "md2" => "default", "rc5" => "default", - "rfc3779" => "default", "sctp" => "default", "shared" => "default", "ssl-trace" => "default", @@ -819,7 +818,7 @@ my @experimental = (); # This is what $depflags will look like with the above defaults # (we need this to see if we should advise the user to run "make depend"): -my $default_depflags = " -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST"; +my $default_depflags = " -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST"; # Explicit "no-..." options will be collected in %disabled along with the defaults. # To remove something from %disabled, use "enable-foo" (unless it's experimental). diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index 17bbb913f6..6e7850cc05 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -95,8 +95,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ret->ex_pathlen = -1; ret->skid = NULL; ret->akid = NULL; +#ifndef OPENSSL_NO_RFC3779 ret->rfc3779_addr = NULL; ret->rfc3779_asid = NULL; +#endif ret->aux = NULL; ret->crldp = NULL; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); @@ -116,8 +118,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, policy_cache_free(ret->policy_cache); GENERAL_NAMES_free(ret->altname); NAME_CONSTRAINTS_free(ret->nc); +#ifndef OPENSSL_NO_RFC3779 sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); ASIdentifiers_free(ret->rfc3779_asid); +#endif OPENSSL_free(ret->name); break; diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index bc48b8a334..6169db1e1c 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -485,6 +485,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (!ok) goto end; +#ifndef OPENSSL_NO_RFC3779 /* RFC 3779 path validation, now that CRL check has been done */ ok = v3_asid_validate_path(ctx); if (!ok) @@ -492,6 +493,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) ok = v3_addr_validate_path(ctx); if (!ok) goto end; +#endif /* If we get this far evaluate policies */ if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK)) diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h index d43c86c65f..9c3529b1ce 100644 --- a/crypto/x509v3/ext_dat.h +++ b/crypto/x509v3/ext_dat.h @@ -103,8 +103,10 @@ static const X509V3_EXT_METHOD *standard_exts[] = { #endif &v3_sxnet, &v3_info, +#ifndef OPENSSL_NO_RFC3779 &v3_addr, &v3_asid, +#endif #ifndef OPENSSL_NO_OCSP &v3_ocsp_nonce, &v3_ocsp_crlid, diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c index 5c22c6d882..c1c38a0c88 100644 --- a/crypto/x509v3/v3_addr.c +++ b/crypto/x509v3/v3_addr.c @@ -69,6 +69,7 @@ #include <openssl/buffer.h> #include <openssl/x509v3.h> +#ifndef OPENSSL_NO_RFC3779 /* * OpenSSL ASN.1 template translation of RFC 3779 2.2.3. @@ -1339,3 +1340,5 @@ int v3_addr_validate_resource_set(STACK_OF(X509) *chain, return 0; return v3_addr_validate_path_internal(NULL, chain, ext); } + +#endif /* OPENSSL_NO_RFC3779 */ diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c index f390c2d019..d40279a5d0 100644 --- a/crypto/x509v3/v3_asid.c +++ b/crypto/x509v3/v3_asid.c @@ -69,6 +69,7 @@ #include <openssl/x509.h> #include <openssl/bn.h> +#ifndef OPENSSL_NO_RFC3779 /* * OpenSSL ASN.1 template translation of RFC 3779 3.2.3. @@ -893,3 +894,5 @@ int v3_asid_validate_resource_set(STACK_OF(X509) *chain, return 0; return v3_asid_validate_path_internal(NULL, chain, ext); } + +#endif /* OPENSSL_NO_RFC3779 */ diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index b03c323dfc..61d97726dc 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -322,8 +322,10 @@ int X509_supported_extension(X509_EXTENSION *ex) NID_basic_constraints, /* 87 */ NID_certificate_policies, /* 89 */ NID_ext_key_usage, /* 126 */ +#ifndef OPENSSL_NO_RFC3779 NID_sbgp_ipAddrBlock, /* 290 */ NID_sbgp_autonomousSysNum, /* 291 */ +#endif NID_policy_constraints, /* 401 */ NID_proxyCertInfo, /* 663 */ NID_name_constraints, /* 666 */ @@ -503,9 +505,11 @@ static void x509v3_cache_extensions(X509 *x) x->ex_flags |= EXFLAG_INVALID; setup_crldp(x); +#ifndef OPENSSL_NO_RFC3779 x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL); x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, NULL, NULL); +#endif for (i = 0; i < X509_get_ext_count(x); i++) { ex = X509_get_ext(x, i); if (OBJ_obj2nid(X509_EXTENSION_get_object(ex)) diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 708a695876..02138cbc47 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -201,8 +201,10 @@ struct x509_st { STACK_OF(DIST_POINT) *crldp; STACK_OF(GENERAL_NAME) *altname; NAME_CONSTRAINTS *nc; +#ifndef OPENSSL_NO_RFC3779 STACK_OF(IPAddressFamily) *rfc3779_addr; struct ASIdentifiers_st *rfc3779_asid; +# endif unsigned char sha1_hash[SHA_DIGEST_LENGTH]; X509_CERT_AUX *aux; } /* X509 */ ; diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index 19fcb39883..280b9c143e 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h @@ -756,6 +756,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk, void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); DECLARE_STACK_OF(X509_POLICY_NODE) +#ifndef OPENSSL_NO_RFC3779 typedef struct ASRange_st { ASN1_INTEGER *min, *max; } ASRange; @@ -898,6 +899,7 @@ int v3_asid_validate_resource_set(STACK_OF(X509) *chain, int v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext, int allow_inheritance); +#endif /* OPENSSL_NO_RFC3779 */ /* BEGIN ERROR CODES */ /* * The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/makevms.com b/makevms.com index c1c3060b67..35c44ecb39 100755 --- a/makevms.com +++ b/makevms.com @@ -292,6 +292,7 @@ $ CONFIG_LOGICALS := AES,- RC2,- RC4,- RC5,- + RFC3779,- RMD160,- RSA,- SCTP,- diff --git a/util/libeay.num b/util/libeay.num index fd8375da67..d7d4049fa6 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -3412,106 +3412,106 @@ EVP_camellia_256_cfb8 3810 EXIST::FUNCTION:CAMELLIA EVP_camellia_256_ecb 3811 EXIST::FUNCTION:CAMELLIA EVP_camellia_256_ofb 3812 EXIST::FUNCTION:CAMELLIA a2i_ipadd 3813 EXIST::FUNCTION: -ASIdentifiers_free 3814 EXIST::FUNCTION: -i2d_ASIdOrRange 3815 EXIST::FUNCTION: +ASIdentifiers_free 3814 EXIST::FUNCTION:RFC3779 +i2d_ASIdOrRange 3815 EXIST::FUNCTION:RFC3779 EVP_CIPHER_block_size 3816 EXIST::FUNCTION: -v3_asid_is_canonical 3817 EXIST::FUNCTION: -IPAddressChoice_free 3818 EXIST::FUNCTION: +v3_asid_is_canonical 3817 EXIST::FUNCTION:RFC3779 +IPAddressChoice_free 3818 EXIST::FUNCTION:RFC3779 EVP_CIPHER_CTX_set_app_data 3819 EXIST::FUNCTION: BIO_set_callback_arg 3820 EXIST::FUNCTION: -v3_addr_add_prefix 3821 EXIST::FUNCTION: -IPAddressOrRange_it 3822 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -IPAddressOrRange_it 3822 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +v3_addr_add_prefix 3821 EXIST::FUNCTION:RFC3779 +IPAddressOrRange_it 3822 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressOrRange_it 3822 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 BIO_set_flags 3823 EXIST::FUNCTION: -ASIdentifiers_it 3824 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASIdentifiers_it 3824 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -v3_addr_get_range 3825 EXIST::FUNCTION: +ASIdentifiers_it 3824 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdentifiers_it 3824 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +v3_addr_get_range 3825 EXIST::FUNCTION:RFC3779 BIO_method_type 3826 EXIST::FUNCTION: -v3_addr_inherits 3827 EXIST::FUNCTION: -IPAddressChoice_it 3828 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -IPAddressChoice_it 3828 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +v3_addr_inherits 3827 EXIST::FUNCTION:RFC3779 +IPAddressChoice_it 3828 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressChoice_it 3828 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 AES_ige_encrypt 3829 EXIST::FUNCTION:AES -v3_addr_add_range 3830 EXIST::FUNCTION: +v3_addr_add_range 3830 EXIST::FUNCTION:RFC3779 EVP_CIPHER_CTX_nid 3831 EXIST::FUNCTION: -d2i_ASRange 3832 EXIST::FUNCTION: -v3_addr_add_inherit 3833 EXIST::FUNCTION: -v3_asid_add_id_or_range 3834 EXIST::FUNCTION: -v3_addr_validate_resource_set 3835 EXIST::FUNCTION: +d2i_ASRange 3832 EXIST::FUNCTION:RFC3779 +v3_addr_add_inherit 3833 EXIST::FUNCTION:RFC3779 +v3_asid_add_id_or_range 3834 EXIST::FUNCTION:RFC3779 +v3_addr_validate_resource_set 3835 EXIST::FUNCTION:RFC3779 EVP_CIPHER_iv_length 3836 EXIST::FUNCTION: EVP_MD_type 3837 EXIST::FUNCTION: -v3_asid_canonize 3838 EXIST::FUNCTION: -IPAddressRange_free 3839 EXIST::FUNCTION: -v3_asid_add_inherit 3840 EXIST::FUNCTION: +v3_asid_canonize 3838 EXIST::FUNCTION:RFC3779 +IPAddressRange_free 3839 EXIST::FUNCTION:RFC3779 +v3_asid_add_inherit 3840 EXIST::FUNCTION:RFC3779 EVP_CIPHER_CTX_key_length 3841 EXIST::FUNCTION: -IPAddressRange_new 3842 EXIST::FUNCTION: -ASIdOrRange_new 3843 EXIST::FUNCTION: +IPAddressRange_new 3842 EXIST::FUNCTION:RFC3779 +ASIdOrRange_new 3843 EXIST::FUNCTION:RFC3779 EVP_MD_size 3844 EXIST::FUNCTION: EVP_MD_CTX_test_flags 3845 EXIST::FUNCTION: BIO_clear_flags 3846 EXIST::FUNCTION: -i2d_ASRange 3847 EXIST::FUNCTION: -IPAddressRange_it 3848 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -IPAddressRange_it 3848 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -IPAddressChoice_new 3849 EXIST::FUNCTION: -ASIdentifierChoice_new 3850 EXIST::FUNCTION: -ASRange_free 3851 EXIST::FUNCTION: +i2d_ASRange 3847 EXIST::FUNCTION:RFC3779 +IPAddressRange_it 3848 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressRange_it 3848 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +IPAddressChoice_new 3849 EXIST::FUNCTION:RFC3779 +ASIdentifierChoice_new 3850 EXIST::FUNCTION:RFC3779 +ASRange_free 3851 EXIST::FUNCTION:RFC3779 EVP_MD_pkey_type 3852 EXIST::FUNCTION: EVP_MD_CTX_clear_flags 3853 EXIST::FUNCTION: -IPAddressFamily_free 3854 EXIST::FUNCTION: -i2d_IPAddressFamily 3855 EXIST::FUNCTION: -IPAddressOrRange_new 3856 EXIST::FUNCTION: +IPAddressFamily_free 3854 EXIST::FUNCTION:RFC3779 +i2d_IPAddressFamily 3855 EXIST::FUNCTION:RFC3779 +IPAddressOrRange_new 3856 EXIST::FUNCTION:RFC3779 EVP_CIPHER_flags 3857 EXIST::FUNCTION: -v3_asid_validate_resource_set 3858 EXIST::FUNCTION: -d2i_IPAddressRange 3859 EXIST::FUNCTION: +v3_asid_validate_resource_set 3858 EXIST::FUNCTION:RFC3779 +d2i_IPAddressRange 3859 EXIST::FUNCTION:RFC3779 AES_bi_ige_encrypt 3860 EXIST::FUNCTION:AES BIO_get_callback 3861 EXIST::FUNCTION: -IPAddressOrRange_free 3862 EXIST::FUNCTION: -v3_addr_subset 3863 EXIST::FUNCTION: -d2i_IPAddressFamily 3864 EXIST::FUNCTION: -v3_asid_subset 3865 EXIST::FUNCTION: +IPAddressOrRange_free 3862 EXIST::FUNCTION:RFC3779 +v3_addr_subset 3863 EXIST::FUNCTION:RFC3779 +d2i_IPAddressFamily 3864 EXIST::FUNCTION:RFC3779 +v3_asid_subset 3865 EXIST::FUNCTION:RFC3779 BIO_test_flags 3866 EXIST::FUNCTION: -i2d_ASIdentifierChoice 3867 EXIST::FUNCTION: -ASRange_it 3868 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASRange_it 3868 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -d2i_ASIdentifiers 3869 EXIST::FUNCTION: -ASRange_new 3870 EXIST::FUNCTION: -d2i_IPAddressChoice 3871 EXIST::FUNCTION: -v3_addr_get_afi 3872 EXIST::FUNCTION: +i2d_ASIdentifierChoice 3867 EXIST::FUNCTION:RFC3779 +ASRange_it 3868 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASRange_it 3868 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +d2i_ASIdentifiers 3869 EXIST::FUNCTION:RFC3779 +ASRange_new 3870 EXIST::FUNCTION:RFC3779 +d2i_IPAddressChoice 3871 EXIST::FUNCTION:RFC3779 +v3_addr_get_afi 3872 EXIST::FUNCTION:RFC3779 EVP_CIPHER_key_length 3873 EXIST::FUNCTION: EVP_Cipher 3874 EXIST::FUNCTION: -i2d_IPAddressOrRange 3875 EXIST::FUNCTION: -ASIdOrRange_it 3876 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASIdOrRange_it 3876 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_IPAddressOrRange 3875 EXIST::FUNCTION:RFC3779 +ASIdOrRange_it 3876 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdOrRange_it 3876 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 EVP_CIPHER_nid 3877 EXIST::FUNCTION: -i2d_IPAddressChoice 3878 EXIST::FUNCTION: +i2d_IPAddressChoice 3878 EXIST::FUNCTION:RFC3779 EVP_CIPHER_CTX_block_size 3879 EXIST::FUNCTION: -ASIdentifiers_new 3880 EXIST::FUNCTION: -v3_addr_validate_path 3881 EXIST::FUNCTION: -IPAddressFamily_new 3882 EXIST::FUNCTION: +ASIdentifiers_new 3880 EXIST::FUNCTION:RFC3779 +v3_addr_validate_path 3881 EXIST::FUNCTION:RFC3779 +IPAddressFamily_new 3882 EXIST::FUNCTION:RFC3779 EVP_MD_CTX_set_flags 3883 EXIST::FUNCTION: -v3_addr_is_canonical 3884 EXIST::FUNCTION: -i2d_IPAddressRange 3885 EXIST::FUNCTION: -IPAddressFamily_it 3886 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -IPAddressFamily_it 3886 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -v3_asid_inherits 3887 EXIST::FUNCTION: +v3_addr_is_canonical 3884 EXIST::FUNCTION:RFC3779 +i2d_IPAddressRange 3885 EXIST::FUNCTION:RFC3779 +IPAddressFamily_it 3886 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressFamily_it 3886 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +v3_asid_inherits 3887 EXIST::FUNCTION:RFC3779 EVP_CIPHER_CTX_cipher 3888 EXIST::FUNCTION: EVP_CIPHER_CTX_get_app_data 3889 EXIST::FUNCTION: EVP_MD_block_size 3890 EXIST::FUNCTION: EVP_CIPHER_CTX_flags 3891 EXIST::FUNCTION: -v3_asid_validate_path 3892 EXIST::FUNCTION: -d2i_IPAddressOrRange 3893 EXIST::FUNCTION: -v3_addr_canonize 3894 EXIST::FUNCTION: -ASIdentifierChoice_it 3895 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASIdentifierChoice_it 3895 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +v3_asid_validate_path 3892 EXIST::FUNCTION:RFC3779 +d2i_IPAddressOrRange 3893 EXIST::FUNCTION:RFC3779 +v3_addr_canonize 3894 EXIST::FUNCTION:RFC3779 +ASIdentifierChoice_it 3895 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdentifierChoice_it 3895 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 EVP_MD_CTX_md 3896 EXIST::FUNCTION: -d2i_ASIdentifierChoice 3897 EXIST::FUNCTION: +d2i_ASIdentifierChoice 3897 EXIST::FUNCTION:RFC3779 BIO_method_name 3898 EXIST::FUNCTION: EVP_CIPHER_CTX_iv_length 3899 EXIST::FUNCTION: -ASIdOrRange_free 3900 EXIST::FUNCTION: -ASIdentifierChoice_free 3901 EXIST::FUNCTION: +ASIdOrRange_free 3900 EXIST::FUNCTION:RFC3779 +ASIdentifierChoice_free 3901 EXIST::FUNCTION:RFC3779 BIO_get_callback_arg 3902 EXIST::FUNCTION: BIO_set_callback 3903 EXIST::FUNCTION: -d2i_ASIdOrRange 3904 EXIST::FUNCTION: -i2d_ASIdentifiers 3905 EXIST::FUNCTION: +d2i_ASIdOrRange 3904 EXIST::FUNCTION:RFC3779 +i2d_ASIdentifiers 3905 EXIST::FUNCTION:RFC3779 CRYPTO_memcmp 3906 EXIST::FUNCTION: BN_consttime_swap 3907 EXIST::FUNCTION: SEED_decrypt 3908 EXIST::FUNCTION:SEED diff --git a/util/mkdef.pl b/util/mkdef.pl index b21d03b36e..26fa20916f 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -80,6 +80,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "FP_API", "STDIO", "SOCK", "DGRAM", # Engines "STATIC_ENGINE", "ENGINE", "HW", "GMP", + # RFC3779 + "RFC3779", # TLS "PSK", "SRP", "HEARTBEATS", # CMS @@ -124,7 +126,7 @@ my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; my $no_rsa; my $no_dsa; my $no_dh; my $no_aes; my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated; -my $no_psk; my $no_cms; my $no_capieng; +my $no_rfc3779; my $no_psk; my $no_cms; my $no_capieng; my $no_jpake; my $no_srp; my $no_ec2m; my $no_nistp_gcc; my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace; my $no_unit_test; my $no_ssl3_method; my $no_ocb; @@ -213,6 +215,7 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-engine$/) { $no_engine=1; } elsif (/^no-hw$/) { $no_hw=1; } elsif (/^no-gmp$/) { $no_gmp=1; } + elsif (/^no-rfc3779$/) { $no_rfc3779=1; } elsif (/^no-cms$/) { $no_cms=1; } elsif (/^no-ec2m$/) { $no_ec2m=1; } elsif (/^no-ec-nistp224-64-gcc-128$/) { $no_nistp_gcc=1; } @@ -1197,6 +1200,7 @@ sub is_valid if ($keyword eq "FP_API" && $no_fp_api) { return 0; } if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; } if ($keyword eq "GMP" && $no_gmp) { return 0; } + if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } if ($keyword eq "PSK" && $no_psk) { return 0; } if ($keyword eq "CMS" && $no_cms) { return 0; } if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc) |