summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xConfigure103
-rw-r--r--INSTALL.VMS2
-rw-r--r--Makefile.org8
-rwxr-xr-xconfig21
-rw-r--r--crypto/crypto-lib.com3
-rwxr-xr-xcrypto/install-crypto.com3
-rw-r--r--doc/standards.txt3
-rw-r--r--include/openssl/safestack.h50
-rw-r--r--include/openssl/store.h3
-rwxr-xr-xmakevms.com9
-rw-r--r--test/Makefile11
-rwxr-xr-xutil/clean-depend.pl2
-rwxr-xr-xutil/domd4
-rw-r--r--util/indent.pro31
-rwxr-xr-xutil/libeay.num132
-rwxr-xr-xutil/mk1mf.pl25
-rwxr-xr-xutil/mkdef.pl7
-rwxr-xr-xutil/mkfiles.pl1
18 files changed, 113 insertions, 305 deletions
diff --git a/Configure b/Configure
index b9e0f50564..f0a8accaa4 100755
--- a/Configure
+++ b/Configure
@@ -14,7 +14,7 @@ use File::Spec::Functions;
# see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";
# Options:
#
@@ -30,18 +30,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# default). This needn't be set in advance, you can
# just as well use "make INSTALL_PREFIX=/whatever install".
#
-# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected
-# to live in the subdirectory lib/ and the header files in
-# include/. A value is required.
-# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is
-# required.
-# (Default: KRB5_DIR/lib)
-# --with-krb5-include Declare where the Kerberos 5 header files live. A
-# value is required.
-# (Default: KRB5_DIR/include)
-# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently
-# supported values are "MIT" and "Heimdal". A value is required.
-#
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
@@ -59,7 +47,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# no-asm do not use assembler
# no-dso do not compile in any native shared-library methods. This
# will ensure that all methods just return NULL.
-# no-krb5 do not compile in any KRB5 library or code.
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
@@ -782,7 +769,6 @@ my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
-my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
my $no_dso=0;
@@ -856,7 +842,6 @@ my $openssl_thread_defines;
my $openssl_sys_defines="";
my $openssl_other_defines;
my $libs;
-my $libkrb5="";
my $target;
my $options;
my $make_depend=0;
@@ -1005,10 +990,6 @@ PROCESS_ARGS:
{
$install_prefix=$1;
}
- elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
- {
- $withargs{"krb5-".$1}=$2;
- }
elsif (/^--with-zlib-lib=(.*)$/)
{
$withargs{"zlib-lib"}=$1;
@@ -1076,11 +1057,6 @@ if ($processor eq "386")
$disabled{"sse2"} = "forced";
}
-if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
- {
- $disabled{"krb5"} = "krb5-flavor not specified";
- }
-
if (!defined($disabled{"zlib-dynamic"}))
{
# "zlib-dynamic" was specifically enabled, so enable "zlib"
@@ -1223,19 +1199,14 @@ foreach (sort (keys %disabled))
$openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";
- if (/^krb5$/)
- { $no_krb5 = 1; }
- else
- {
- push @skip, $algo;
- # fix-up crypto/directory name(s)
- $skip[$#skip]="whrlpool" if $algo eq "whirlpool";
- $skip[$#skip]="ripemd" if $algo eq "rmd160";
+ push @skip, $algo;
+ # fix-up crypto/directory name(s)
+ $skip[$#skip]="whrlpool" if $algo eq "whirlpool";
+ $skip[$#skip]="ripemd" if $algo eq "rmd160";
- print " (skip dir)";
+ print " (skip dir)";
- $depflags .= " -DOPENSSL_NO_$ALGO";
- }
+ $depflags .= " -DOPENSSL_NO_$ALGO";
}
}
@@ -1354,62 +1325,6 @@ my $no_user_cflags=0;
if ($flags ne "") { $cflags="$flags$cflags"; }
else { $no_user_cflags=1; }
-# Kerberos settings. The flavor must be provided from outside, either through
-# the script "config" or manually.
-if (!$no_krb5)
- {
- my ($lresolv, $lpath, $lext);
- if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
- {
- die "Sorry, Heimdal is currently not supported\n";
- }
- ##### HACK to force use of Heimdal.
- ##### WARNING: Since we don't really have adequate support for Heimdal,
- ##### using this will break the build. You'll have to make
- ##### changes to the source, and if you do, please send
- ##### patches to openssl-dev@openssl.org
- if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
- {
- warn "Heimdal isn't really supported. Your build WILL break\n";
- warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
- $withargs{"krb5-dir"} = "/usr/heimdal"
- if $withargs{"krb5-dir"} eq "";
- $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
- "/lib -lgssapi -lkrb5 -lcom_err"
- if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
- $cflags="-DKRB5_HEIMDAL $cflags";
- }
- if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
- {
- $withargs{"krb5-dir"} = "/usr/kerberos"
- if $withargs{"krb5-dir"} eq "";
- $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
- "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
- if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
- $cflags="-DKRB5_MIT $cflags";
- $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
- if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
- {
- $cflags="-DKRB5_MIT_OLD11 $cflags";
- }
- }
- LRESOLV:
- foreach $lpath ("/lib", "/usr/lib")
- {
- foreach $lext ("a", "so")
- {
- $lresolv = "$lpath/libresolv.$lext";
- last LRESOLV if (-r "$lresolv");
- $lresolv = "";
- }
- }
- $withargs{"krb5-lib"} .= " -lresolv"
- if ("$lresolv" ne "");
- $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
- if $withargs{"krb5-include"} eq "" &&
- $withargs{"krb5-dir"} ne "";
- }
-
# The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
@@ -1827,8 +1742,6 @@ while (<IN>)
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
- s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
- s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
@@ -1887,8 +1800,6 @@ print "PROCESSOR =$processor\n";
print "RANLIB =$ranlib\n";
print "ARFLAGS =$arflags\n";
print "PERL =$perl\n";
-print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
- if $withargs{"krb5-include"} ne "";
my $des_ptr=0;
my $des_risc1=0;
diff --git a/INSTALL.VMS b/INSTALL.VMS
index 132b2e7173..084b279da8 100644
--- a/INSTALL.VMS
+++ b/INSTALL.VMS
@@ -134,7 +134,7 @@ Currently, the logical names supported are:
disabling it is supported. Supported algorithms to
do this with are: AES, BF, CAMELLIA, CAST, CMS, COMP,
DES, DGRAM, DH, DSA, EC, EC2M, ECDH, ECDSA, ENGINE,
- ERR, GOST, HEARTBEATS, HMAC, IDEA, KRB5, MD2, MD4,
+ ERR, GOST, HEARTBEATS, HMAC, IDEA, MD2, MD4,
MD5, OCB, OCSP, PSK, RC2, RC4, RC5, RMD160, RSA, SCTP,
SEED, SOCK, SRP, SRTP, TLSEXT, WHIRLPOOL. So, for
example, having the logical name OPENSSL_NO_RSA with
diff --git a/Makefile.org b/Makefile.org
index 6e32d5beb6..69baf489cb 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -219,7 +219,6 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
MAKEDEPPROG='$(MAKEDEPPROG)' \
SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
- KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)' \
SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)' \
@@ -340,9 +339,6 @@ build-shared: do_$(SHLIB_TARGET) link-shared
do_$(SHLIB_TARGET):
@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
- if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
- libs="$(LIBKRB5) $$libs"; \
- fi; \
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
@@ -363,7 +359,7 @@ libcrypto.pc: Makefile
echo 'Requires: '; \
echo 'Libs: -L$${libdir} -lcrypto'; \
echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+ echo 'Cflags: -I$${includedir}' ) > libcrypto.pc
libssl.pc: Makefile
@ ( echo 'prefix=$(INSTALLTOP)'; \
@@ -377,7 +373,7 @@ libssl.pc: Makefile
echo 'Requires.private: libcrypto'; \
echo 'Libs: -L$${libdir} -lssl'; \
echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+ echo 'Cflags: -I$${includedir}' ) > libssl.pc
openssl.pc: Makefile
@ ( echo 'prefix=$(INSTALLTOP)'; \
diff --git a/config b/config
index 94534cb3bb..1683f07888 100755
--- a/config
+++ b/config
@@ -873,27 +873,6 @@ do
fi
done
-# Discover Kerberos 5 (since it's still a prototype, we don't
-# do any guesses yet, that's why this section is commented away.
-#if [ -d /usr/kerberos ]; then
-# krb5_dir=/usr/kerberos
-# if [ \( -f $krb5_dir/lib/libgssapi_krb5.a -o -f $krb5_dir/lib/libgssapi_krb5.so* \)\
-# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\
-# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\
-# -a \( -f $krb5_dir/lib/libk5crypto.a -o -f $krb5_dir/lib/libk5crypto.so* \)\
-# -a \( -f $krb5_dir/include/krb5.h \) ]; then
-# options="$options --with-krb5-flavor=MIT"
-# fi
-#elif [ -d /usr/heimdal ]; then
-# krb5_dir=/usr/heimdal
-# if [ \( -f $krb5_dir/lib/libgssapi.a -o -f $krb5_dir/lib/libgssapi.so* \)\
-# -a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\
-# -a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\
-# -a \( -f $krb5_dir/include/krb5.h \) ]; then
-# options="$options --with-krb5-flavor=Heimdal"
-# fi
-#fi
-
if [ -z "$OUT" ]; then
OUT="$CC"
fi
diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com
index 02f874190c..5a2694dcfa 100644
--- a/crypto/crypto-lib.com
+++ b/crypto/crypto-lib.com
@@ -127,7 +127,7 @@ $ ENCRYPT_TYPES = "Basic,"+ -
"DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ -
"BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ -
"BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
- "EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
+ "EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,"+ -
"CMS,PQUEUE,TS,JPAKE,SRP,STORE,CMAC"
$ ENDIF
$!
@@ -343,7 +343,6 @@ $ LIB_COMP = "comp_lib,comp_err,"+ -
$ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ -
"ocsp_srv,ocsp_prn,ocsp_vfy,ocsp_err,v3_ocsp"
$ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"
-$ LIB_KRB5 = "krb5_asn"
$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
"cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ -
"cms_pwri,cms_kari"
diff --git a/crypto/install-crypto.com b/crypto/install-crypto.com
index 7734f945a8..5b011f6c02 100755
--- a/crypto/install-crypto.com
+++ b/crypto/install-crypto.com
@@ -80,7 +80,7 @@ $ sdirs := , -
bn, ec, rsa, dsa, ecdsa, dh, ecdh, dso, engine, -
buffer, bio, stack, lhash, rand, err, -
evp, asn1, pem, x509, x509v3, conf, txt_db, pkcs7, pkcs12, comp, ocsp, -
- ui, krb5, -
+ ui, -
cms, pqueue, ts, jpake, srp, store, cmac
$!
$ exheader_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
@@ -132,7 +132,6 @@ $ exheader_pkcs12 := pkcs12.h
$ exheader_comp := comp.h
$ exheader_ocsp := ocsp.h
$ exheader_ui := ui.h
-$ exheader_krb5 := krb5_asn.h
$ exheader_cms := cms.h
$ exheader_pqueue := pqueue.h
$ exheader_ts := ts.h
diff --git a/doc/standards.txt b/doc/standards.txt
index 691fafedde..d28b167d4a 100644
--- a/doc/standards.txt
+++ b/doc/standards.txt
@@ -34,9 +34,6 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
2560 X.509 Internet Public Key Infrastructure Online Certificate
Status Protocol - OCSP
-2712 Addition of Kerberos Cipher Suites to Transport Layer Security
- (TLS)
-
2898 PKCS #5: Password-Based Cryptography Specification Version 2.0
2986 PKCS #10: Certification Request Syntax Specification Version 1.7
diff --git a/include/openssl/safestack.h b/include/openssl/safestack.h
index 388f4094ce..9e10c108cb 100644
--- a/include/openssl/safestack.h
+++ b/include/openssl/safestack.h
@@ -2068,6 +2068,31 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
# define sk_void_sort(st) SKM_sk_sort(void, (st))
# define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
+# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
+# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
+# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))
+# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)))
+# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
+# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
+# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
+# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
+ ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
+# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
+
# define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
# define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
# define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
@@ -2118,31 +2143,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
# define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
# define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
-# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
-# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))
-# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)))
-# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
-# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
-# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
-# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
- ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
-# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
-
# define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
# define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
# define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
diff --git a/include/openssl/store.h b/include/openssl/store.h
index cd07b26d4b..b732eefa52 100644
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -180,8 +180,7 @@ typedef enum STORE_params {
STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
- STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
- STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
+ STORE_PARAM_TYPE_NUM = 0x05 /* The amount of known parameter types */
} STORE_PARAM_TYPES;
/*
* Parameter value sizes. -1 means unknown, anything else is the required
diff --git a/makevms.com b/makevms.com
index fc7c0a44de..37efdc8041 100755
--- a/makevms.com
+++ b/makevms.com
@@ -249,7 +249,7 @@ $ SDIRS := -
des,aes,rc2,rc4,rc5,idea,bf,cast,camellia,seed,modes,-
bn,ec,rsa,dsa,ecdsa,dh,ecdh,dso,engine,-
buffer,bio,stack,lhash,rand,err,-
- evp,asn1,pem,x509,x509v3,conf,txt_db,pkcs7,pkcs12,comp,ocsp,ui,krb5,-
+ evp,asn1,pem,x509,x509v3,conf,txt_db,pkcs7,pkcs12,comp,ocsp,ui,-
cms,pqueue,ts,jpake,srp,store,cmac
$
$! One of the best way to figure out what the list should be is to do
@@ -281,7 +281,6 @@ $ CONFIG_LOGICALS := AES,-
HMAC,-
IDEA,-
JPAKE,-
- KRB5,-
MD2,-
MD4,-
MD5,-
@@ -339,7 +338,6 @@ $ CONFIG_DISABLE_RULES := RIJNDAEL/AES;-
DH/GOST;-
TLSEXT/SRP,HEARTBEAT;-
/STATIC_ENGINE;-
- /KRB5;-
/DEPRECATED;-
/EC_NISTP_64_GCC_128;-
/GMP;-
@@ -774,7 +772,7 @@ $ HEADER_SDIRS := , -
BN, EC, RSA, DSA, ECDSA, DH, ECDH, DSO, ENGINE, -
BUFFER, BIO, STACK, LHASH, RAND, ERR, -
EVP, ASN1, PEM, X509, X509V3, CONF, TXT_DB, PKCS7, PKCS12, -
- COMP, OCSP, UI, KRB5, -
+ COMP, OCSP, UI, -
CMS, PQUEUE, TS, JPAKE, SRP, STORE, CMAC
$!
$ EXHEADER_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
@@ -826,7 +824,6 @@ $ EXHEADER_PKCS12 := pkcs12.h
$ EXHEADER_COMP := comp.h
$ EXHEADER_OCSP := ocsp.h
$ EXHEADER_UI := ui.h
-$ EXHEADER_KRB5 := krb5_asn.h
$ EXHEADER_CMS := cms.h
$ EXHEADER_PQUEUE := pqueue.h
$ EXHEADER_TS := ts.h
@@ -850,7 +847,7 @@ $!
$! Copy All The ".H" Files From The [.SSL] Directory.
$!
$! (keep these in the same order as ssl/Makefile)
-$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
+$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, srtp.h
$ copy sys$disk:[.ssl]'exheader' sys$disk:[.include.openssl]
$!
$! Purge the [.include.openssl] header files.
diff --git a/test/Makefile b/test/Makefile
index 695bb3273f..4c1d9d0393 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -5,13 +5,10 @@
DIR= test
TOP= ..
CC= cc
-INCLUDES= -I$(TOP) -I../include -I../crypto/include $(KRB5_INCLUDES) -I$(TOP)/fips
+INCLUDES= -I$(TOP) -I../include -I../crypto/include -I$(TOP)/fips
CFLAG= -g
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
PERL= perl
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
PEX_LIBS=
EX_LIBS= #-lnsl -lsocket
@@ -419,14 +416,14 @@ $(DLIBCRYPTO):
BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
fi; \
- LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+ LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o $$testutil" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
BUILD_CMD_STATIC=shlib_target=; \
- LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \
+ LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO)"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o $$testutil" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
@@ -478,7 +475,7 @@ FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
FIPS_CRYPTO_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
fi; \
- LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+ LIBRARIES="$(LIBSSL) $(LIBCRYPTO)"; \
if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
fi; \
diff --git a/util/clean-depend.pl b/util/clean-depend.pl
index d3525b0ed0..04d86b6d09 100755
--- a/util/clean-depend.pl
+++ b/util/clean-depend.pl
@@ -23,8 +23,6 @@ while(<STDIN>) {
@deps=grep(!/^\//,@deps);
@deps=grep(!/^\\$/,@deps);
@deps=grep(!/^$origfile$/,@deps);
-# pull out the kludged kerberos header (if present).
- @deps=grep(!/^[.\/]+\/krb5.h/,@deps);
push @{$files{$thisfile}},@deps;
}
diff --git a/util/domd b/util/domd
index efbfb3ab67..552a352e3a 100755
--- a/util/domd
+++ b/util/domd
@@ -12,8 +12,6 @@ fi
if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi
cp Makefile Makefile.save
-# fake the presence of Kerberos
-touch $TOP/krb5.h
if expr "$MAKEDEPEND" : '.*cc' > /dev/null; then
args=""
while [ $# -gt 0 ]; do
@@ -32,7 +30,5 @@ else
RC=$?
fi
mv Makefile.new Makefile
-# unfake the presence of Kerberos
-rm $TOP/krb5.h
exit $RC
diff --git a/util/indent.pro b/util/indent.pro
index 2a7c1b7b44..5a6d452924 100644
--- a/util/indent.pro
+++ b/util/indent.pro
@@ -305,14 +305,6 @@
-T JPAKE_STEP_PART
-T JPAKE_ZKP
-T KEY_TABLE_TYPE
--T KRB5_APREQBODY
--T KRB5_AUTHDATA
--T KRB5_AUTHENTBODY
--T KRB5_CHECKSUM
--T KRB5_ENCDATA
--T KRB5_ENCKEY
--T KRB5_PRINCNAME
--T KRB5_TKTBODY
-T LHASH
-T LHASH_COMP_FN_TYPE
-T LHASH_DOALL_ARG_FN_TYPE
@@ -650,9 +642,6 @@
-T STACK_OF_GENERAL_SUBTREE_
-T STACK_OF_IPAddressFamily_
-T STACK_OF_IPAddressOrRange_
--T STACK_OF_KRB5_APREQBODY_
--T STACK_OF_KRB5_AUTHENTBODY_
--T STACK_OF_KRB5_TKTBODY_
-T STACK_OF_MEM_OBJECT_DATA_
-T STACK_OF_MIME_HEADER_
-T STACK_OF_MIME_PARAM_
@@ -719,26 +708,6 @@
-T clock_t
-T custom_ext_methods
-T hm_fragment
--T krb5_auth_context
--T krb5_authdata
--T KRB5_CALLCONV
--T krb5_ccache
--T krb5_context
--T krb5_creds
--T krb5_data
--T krb5_deltat
--T krb5_flags
--T krb5_int32
--T krb5_keyblock
--T krb5_keytab
--T krb5_keytab_entry
--T krb5_octet
--T krb5_principal
--T krb5_principal_data
--T krb5_rcache
--T krb5_ticket
--T krb5_ticket_times
--T krb5_timestamp
-T record_pqueue
-T ssl_ctx_st
-T ssl_flag_tbl
diff --git a/util/libeay.num b/util/libeay.num
index b3dcd5d978..d41686fea4 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1950,8 +1950,8 @@ ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI
ENGINE_unregister_ciphers 2528 EXIST::FUNCTION:ENGINE
ENGINE_get_ciphers 2529 EXIST::FUNCTION:ENGINE
d2i_OCSP_BASICRESP 2530 EXIST::FUNCTION:
-KRB5_CHECKSUM_it 2531 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_CHECKSUM_it 2531 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_CHECKSUM_it 2531 NOEXIST::FUNCTION:
+KRB5_CHECKSUM_it 2531 NOEXIST::FUNCTION:
EC_POINT_add 2532 EXIST::FUNCTION:EC
ASN1_item_ex_i2d 2533 EXIST::FUNCTION:
OCSP_CERTID_it 2534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -1982,8 +1982,8 @@ OCSP_SIGNATURE_it 2554 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI
X509_CRL_it 2555 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_CRL_it 2555 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
OCSP_BASICRESP_add_ext 2556 EXIST::FUNCTION:
-KRB5_ENCKEY_it 2557 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-KRB5_ENCKEY_it 2557 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_ENCKEY_it 2557 NOEXIST::FUNCTION:
+KRB5_ENCKEY_it 2557 NOEXIST::FUNCTION:
UI_method_set_closer 2558 EXIST::FUNCTION:
X509_STORE_set_purpose 2559 EXIST::FUNCTION:
i2d_ASN1_GENERALSTRING 2560 EXIST::FUNCTION:
@@ -1996,11 +1996,11 @@ _ossl_old_des_random_key 2566 NOEXIST::FUNCTION:
ASN1_T61STRING_it 2567 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ASN1_T61STRING_it 2567 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
EC_GROUP_method_of 2568 EXIST::FUNCTION:EC
-i2d_KRB5_APREQ 2569 EXIST::FUNCTION:
+i2d_KRB5_APREQ 2569 NOEXIST::FUNCTION:
_ossl_old_des_encrypt 2570 NOEXIST::FUNCTION:
ASN1_PRINTABLE_new 2571 EXIST::FUNCTION:
HMAC_Init_ex 2572 EXIST::FUNCTION:
-d2i_KRB5_AUTHENT 2573 EXIST::FUNCTION:
+d2i_KRB5_AUTHENT 2573 NOEXIST::FUNCTION:
OCSP_archive_cutoff_new 2574 EXIST::FUNCTION:
EC_POINT_set_Jprojective_coordinates_GFp 2575 EXIST:!VMS:FUNCTION:EC
EC_POINT_set_Jproj_coords_GFp 2575 EXIST:VMS:FUNCTION:EC
@@ -2017,11 +2017,11 @@ ENGINE_register_DH 2584 EXIST::FUNCTION:ENGINE
UI_construct_prompt 2585 EXIST::FUNCTION:
X509_STORE_set_trust 2586 EXIST::FUNCTION:
UI_dup_input_string 2587 EXIST::FUNCTION:
-d2i_KRB5_APREQ 2588 EXIST::FUNCTION:
+d2i_KRB5_APREQ 2588 NOEXIST::FUNCTION:
EVP_MD_CTX_copy_ex 2589 EXIST::FUNCTION:
OCSP_request_is_signed 2590 EXIST::FUNCTION:
i2d_OCSP_REQINFO 2591 EXIST::FUNCTION:
-KRB5_ENCKEY_free 2592 EXIST::FUNCTION:
+KRB5_ENCKEY_free 2592 NOEXIST::FUNCTION:
OCSP_resp_get0 2593 EXIST::FUNCTION:
GENERAL_NAME_it 2594 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
GENERAL_NAME_it 2594 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -2059,10 +2059,10 @@ ENGINE_register_ciphers 2620 EXIST::FUNCTION:ENGINE
BN_mod_lshift_quick 2621 EXIST::FUNCTION:
DSO_set_filename 2622 EXIST::FUNCTION:
ASN1_item_free 2623 EXIST::FUNCTION:
-KRB5_TKTBODY_free 2624 EXIST::FUNCTION:
+KRB5_TKTBODY_free 2624 NOEXIST::FUNCTION:
AUTHORITY_KEYID_it 2625 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
AUTHORITY_KEYID_it 2625 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-KRB5_APREQBODY_new 2626 EXIST::FUNCTION:
+KRB5_APREQBODY_new 2626 NOEXIST::FUNCTION:
X509V3_EXT_REQ_add_nconf 2627 EXIST::FUNCTION:
ENGINE_ctrl_cmd_string 2628 EXIST::FUNCTION:ENGINE
i2d_OCSP_RESPDATA 2629 EXIST::FUNCTION:
@@ -2071,7 +2071,7 @@ EXTENDED_KEY_USAGE_free 2631 EXIST::FUNCTION:
PKCS7_ATTR_SIGN_it 2632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PKCS7_ATTR_SIGN_it 2632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
UI_add_error_string 2633 EXIST::FUNCTION:
-KRB5_CHECKSUM_free 2634 EXIST::FUNCTION:
+KRB5_CHECKSUM_free 2634 NOEXIST::FUNCTION:
OCSP_REQUEST_get_ext 2635 EXIST::FUNCTION:
ENGINE_load_ubsec 2636 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
ENGINE_register_all_digests 2637 EXIST::FUNCTION:ENGINE
@@ -2085,7 +2085,7 @@ X509_REVOKED_it 2642 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA
X509_REVOKED_it 2642 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
ASN1_STRING_encode 2643 NOEXIST::FUNCTION:
EVP_aes_128_ecb 2644 EXIST::FUNCTION:AES
-KRB5_AUTHENT_free 2645 EXIST::FUNCTION:
+KRB5_AUTHENT_free 2645 NOEXIST::FUNCTION:
OCSP_BASICRESP_get_ext_by_critical 2646 EXIST:!VMS:FUNCTION:
OCSP_BASICRESP_get_ext_by_crit 2646 EXIST:VMS:FUNCTION:
OCSP_cert_status_str 2647 EXIST::FUNCTION:
@@ -2113,7 +2113,7 @@ ENGINE_unregister_DSA 2665 EXIST::FUNCTION:ENGINE
_ossl_old_des_key_sched 2666 NOEXIST::FUNCTION:
X509_EXTENSION_it 2667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_EXTENSION_it 2667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_KRB5_AUTHENT 2668 EXIST::FUNCTION:
+i2d_KRB5_AUTHENT 2668 NOEXIST::FUNCTION:
SXNETID_it 2669 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
SXNETID_it 2669 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
d2i_OCSP_SINGLERESP 2670 EXIST::FUNCTION:
@@ -2123,7 +2123,7 @@ _ossl_old_des_ofb64_encrypt 2673 NOEXIST::FUNCTION:
d2i_EXTENDED_KEY_USAGE 2674 EXIST::FUNCTION:
ERR_print_errors_cb 2675 EXIST::FUNCTION:
ENGINE_set_ciphers 2676 EXIST::FUNCTION:ENGINE
-d2i_KRB5_APREQBODY 2677 EXIST::FUNCTION:
+d2i_KRB5_APREQBODY 2677 NOEXIST::FUNCTION:
UI_method_get_flusher 2678 EXIST::FUNCTION:
X509_PUBKEY_it 2679 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_PUBKEY_it 2679 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -2133,14 +2133,14 @@ PKCS7_ENCRYPT_it 2681 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI
i2d_OCSP_RESPONSE 2682 EXIST::FUNCTION:
EC_GROUP_get_cofactor 2683 EXIST::FUNCTION:EC
PKCS12_unpack_p7data 2684 EXIST::FUNCTION:
-d2i_KRB5_AUTHDATA 2685 EXIST::FUNCTION:
+d2i_KRB5_AUTHDATA 2685 NOEXIST::FUNCTION:
OCSP_copy_nonce 2686 EXIST::FUNCTION:
-KRB5_AUTHDATA_new 2687 EXIST::FUNCTION:
+KRB5_AUTHDATA_new 2687 NOEXIST::FUNCTION:
OCSP_RESPDATA_new 2688 EXIST::FUNCTION:
EC_GFp_mont_method 2689 EX