From 4d8743f490a5f96fa26d41985ee12cb6b9815a4c Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Fri, 28 Nov 2003 13:10:58 +0000 Subject: Netware-specific changes, PR: 780 Submitted by: Verdon Walker Reviewed by: Richard Levitte --- Configure | 18 +- INSTALL | 6 +- INSTALL.NW | 437 +++++++++++++++++++++++++++++++ Netware/build.bat | 204 +++++++++++++++ Netware/cpy_tests.bat | 112 ++++++++ Netware/do_tests.pl | 585 ++++++++++++++++++++++++++++++++++++++++++ Netware/globals.txt | 254 ++++++++++++++++++ Netware/readme.txt | 19 ++ Netware/set_env.bat | 90 +++++++ apps/apps.c | 13 +- apps/apps.h | 2 + apps/ca.c | 2 +- apps/s_apps.h | 3 +- apps/s_client.c | 8 +- apps/s_server.c | 16 +- apps/s_socket.c | 38 ++- apps/s_time.c | 18 +- apps/speed.c | 43 +++- crypto/bf/bf_opts.c | 3 + crypto/bf/bfspeed.c | 3 + crypto/bf/bftest.c | 3 + crypto/bio/b_sock.c | 33 ++- crypto/bio/bss_file.c | 15 +- crypto/bio/bss_log.c | 2 + crypto/bio/bss_sock.c | 2 +- crypto/bn/exptest.c | 3 + crypto/buffer/buffer.h | 3 + crypto/cast/cast_spd.c | 3 + crypto/cast/castopts.c | 3 + crypto/des/des_opts.c | 4 + crypto/des/destest.c | 3 + crypto/des/speed.c | 4 + crypto/dh/dhtest.c | 6 +- crypto/dsa/dsatest.c | 3 + crypto/idea/idea_spd.c | 3 + crypto/idea/ideatest.c | 3 + crypto/md2/md2test.c | 3 + crypto/md32_common.h | 2 + crypto/md5/md5test.c | 4 + crypto/mdc2/mdc2test.c | 3 + crypto/perlasm/x86asm.pl | 8 +- crypto/perlasm/x86mwasm_nw.pl | 363 ++++++++++++++++++++++++++ crypto/perlasm/x86nasm_nw.pl | 364 ++++++++++++++++++++++++++ crypto/rand/Makefile.ssl | 4 +- crypto/rand/rand_egd.c | 2 +- crypto/rand/rand_nw.c | 171 ++++++++++++ crypto/rand/rand_unix.c | 3 +- crypto/rand/randtest.c | 3 + crypto/rc2/rc2speed.c | 3 + crypto/rc2/rc2test.c | 3 + crypto/rc4/rc4speed.c | 3 + crypto/rc4/rc4test.c | 3 + crypto/rc5/rc5speed.c | 3 + crypto/rsa/rsa_test.c | 3 + crypto/sha/sha1test.c | 4 + crypto/sha/shatest.c | 5 +- crypto/threads/mttest.c | 115 +++++++++ crypto/threads/netware.bat | 79 ++++++ crypto/tmdiff.c | 16 +- crypto/ui/ui_openssl.c | 10 +- crypto/uid.c | 2 +- e_os.h | 36 +++ e_os2.h | 6 + engines/e_aep.c | 4 + ssl/ssltest.c | 3 + util/mk1mf.pl | 11 + util/pl/netware.pl | 327 +++++++++++++++++++++++ 67 files changed, 3490 insertions(+), 43 deletions(-) create mode 100644 INSTALL.NW create mode 100644 Netware/build.bat create mode 100644 Netware/cpy_tests.bat create mode 100644 Netware/do_tests.pl create mode 100644 Netware/globals.txt create mode 100644 Netware/readme.txt create mode 100644 Netware/set_env.bat create mode 100644 crypto/perlasm/x86mwasm_nw.pl create mode 100644 crypto/perlasm/x86nasm_nw.pl create mode 100644 crypto/rand/rand_nw.c create mode 100644 crypto/threads/netware.bat create mode 100644 util/pl/netware.pl diff --git a/Configure b/Configure index bc7d5d4891..fa96c762f7 100755 --- a/Configure +++ b/Configure @@ -519,6 +519,12 @@ my %table=( "Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll", "debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32::::win32:cygwin-shared:::.dll", +# NetWare from David Ward (dsward@novell.com) - requires MetroWerks NLM development tools +# netware-clib => legacy CLib c-runtime support +"netware-clib", "mwccnlm:::::${x86_gcc_opts}:::", +# netware-libc => LibC/NKS support +"netware-libc", "mwccnlm:::::BN_LLONG ${x86_gcc_opts}:::", + # DJGPP "DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::", @@ -570,8 +576,8 @@ my %table=( ); -my @WinTargets=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS - BC-32 BC-16 Mingw32 OS2-EMX); +my @MK1MF_Builds=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS + BC-32 BC-16 Mingw32 OS2-EMX netware-clib netware-libc); my $idx = 0; my $idx_cc = $idx++; @@ -940,7 +946,7 @@ print "Configuring for $target\n"; &usage if (!defined($table{$target})); -my $IsWindows=scalar grep /^$target$/,@WinTargets; +my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds; $exe_ext=".exe" if ($target eq "Cygwin"); $exe_ext=".exe" if ($target eq "DJGPP"); @@ -954,7 +960,7 @@ $openssldir=$prefix . "/ssl" if $openssldir eq ""; $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; -print "IsWindows=$IsWindows\n"; +print "IsMK1MF=$IsMK1MF\n"; my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); my $cc = $fields[$idx_cc]; @@ -1502,7 +1508,7 @@ print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int; print "BF_PTR used\n" if $bf_ptr == 1; print "BF_PTR2 used\n" if $bf_ptr == 2; -if($IsWindows) { +if($IsMK1MF) { open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h"; printf OUT <MINFO + generates a listing of source files (used by mk1mf) + + perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc >netware\nlm.mak + generates the makefile for NetWare + + gmake -f netware\nlm.mak + build with the make tool (nmake.exe also works) + +NOTE: If you are building using the assembly option, you must also run the +various Perl scripts to generate the assembly files. See build.bat +for an example of running the various assembly scripts. You must use the +"no-asm" option to build without assembly. The configure and mk1mf scripts +also have various other options. See the scripts for more information. + + +The output from the build is placed in the following directories: + + CLIB Debug build: + out_nw_clib.dbg - static libs & test nlm(s) + tmp_nw_clib.dbg - temporary build files + outinc_nw_clib - necessary include files + + CLIB Non-debug build: + out_nw_clib - static libs & test nlm(s) + tmp_nw_clib - temporary build files + outinc_nw_clib - necesary include files + + LibC Debug build: + out_nw_libc.dbg - static libs & test nlm(s) + tmp_nw_libc.dbg - temporary build files + outinc_nw_libc - necessary include files + + LibC Non-debug build: + out_nw_libc - static libs & test nlm(s) + tmp_nw_libc - temporary build files + outinc_nw_libc - necesary include files + + +TESTING: +-------- +The build process creates the OpenSSL static libs ( crypto.lib, ssl.lib, +rsaglue.lib ) and several test programs. You should copy the test programs +to your NetWare server and run the tests. + +The batch file "netware\cpy_tests.bat" will copy all the necessary files +to your server for testing. In order to run the batch file, you need a +drive mapped to your target server. It will create an "OpenSSL" directory +on the drive and copy the test files to it. CAUTION: If a directory with the +name of "OpenSSL" already exists, it will be deleted. + +To run cpy_tests.bat: + + netware\cpy_tests [output directory] [NetWare drive] + + output directory - "out_nw_clib.dbg", "out_nw_libc", etc. + NetWare drive - drive letter of mapped drive + + CLIB ex: netware\cpy_tests out_nw_clib m: + LibC ex: netware\cpy_tests out_nw_libc m: + + +The Perl script, "do_tests.pl", in the "OpenSSL" directory on the server +should be used to execute the tests. Before running the script, make sure +your SEARCH PATH includes the "OpenSSL" directory. For example, if you +copied the files to the "sys:" volume you use the command: + + SEARCH ADD SYS:\OPENSSL + + +To run do_tests.pl type (at the console prompt): + + perl \openssl\do_tests.pl [options] + + options: + -p - pause after executing each test + +The do_tests.pl script generates a log file "\openssl\test_out\tests.log" +which should be reviewed for errors. Any errors will be denoted by the word +"ERROR" in the log. + +NOTE: Currently (11/2002), the LibC test nlms report an error while loading + when launched from the perl script (do_tests.pl). The problems are + being addressed by the LibC development team and should be fixed in the + next release. Until the problems are corrected, the LibC test nlms + will have to be executed manually. + + +DEVELOPING WITH THE OPENSSL SDK: +-------------------------------- +Now that everything is built and tested, you are ready to use the OpenSSL +libraries in your development. + +There is no real installation procedure, just copy the static libs and +headers to your build location. The libs (crypto.lib & ssl.lib) are +located in the appropriate "out_nw_XXXX" directory +(out_nw_clib, out_nw_libc, etc). + +The headers are located in the appropriate "outinc_nw_XXX" directory +(outinc_nw_clib, outinc_nw_libc). + +One suggestion is to create the following directory +structure for the OpenSSL SDK: + + \openssl + |- bin + | |- openssl.nlm + | |- (other tests you want) + | + |- lib + | | - crypto.lib + | | - ssl.lib + | + |- include + | | - openssl + | | | - (all the headers in "outinc_nw\openssl") + + +The program "openssl.nlm" can be very useful. It has dozens of +options and you may want to keep it handy for debugging, testing, etc. + +When building your apps using OpenSSL, define "NETWARE". It is needed by +some of the OpenSSL headers. One way to do this is with a compile option, +for example "-DNETWARE". + + + +NOTES: +------ + +Resource leaks in Tests +------------------------ +Some OpenSSL tests do not clean up resources and NetWare reports +the resource leaks when the tests unload. If this really bugs you, +you can stop the messages by setting the developer option off at the console +prompt (set developer option = off). Or better yet, fix the tests to +clean up the resources! + + +Multi-threaded Development +--------------------------- +The NetWare version of OpenSSL is thread-safe however, multi-threaded +applications must provide the necessary locking function callbacks. This +is described in doc\threads.doc. The file "openssl\crypto\threads\mttest.c" +is a multi-threaded test program and demonstrates the locking functions. + + +What is openssl2.nlm? +--------------------- +The openssl program has numerous options and can be used for many different +things. Many of the options operate in an interactive mode requiring the +user to enter data. Because of this, a default screen is created for the +program. However, when running the test script it is not desirable to +have a seperate screen. Therefore, the build also creates openssl2.nlm. +Openssl2.nlm is functionally identical but uses the console screen. +Openssl2 can be used when a non-interactive mode is desired. + +NOTE: There are may other possibilities (command line options, etc) +which could have been used to address the screen issue. The openssl2.nlm +option was chosen because it impacted only the build not the code. + + +Why only static libraries? +-------------------------- +Globals, globals, and more globals. The OpenSSL code uses many global +variables that are allocated and initialized when used for the first time. + +On NetWare, most applications (at least historically) run in the kernel. +When running in the kernel, there is one instance of global variables. +For regular application type NLM(s) this isn't a problem because they are +the only ones using the globals. However, for a library NLM (an NLM which +exposes functions and has no threads of execution), the globals cause +problems. Applications could inadvertently step on each other if they +change some globals. Even worse, the first application that triggers a +global to be allocated and initialized has the allocated memory charged to +itself. Now when that application unloads, NetWare will clean up all the +applicaton's memory. The global pointer variables inside OpenSSL now +point to freed memory. An abend waiting to happen! + +To work correctly in the kernel, library NLM(s) that use globals need to +provide a set of globals (instance data) for each application. Another +option is to require the library only be loaded in a protected address +space along with the application using it. + +Modifying the OpenSSL code to provide a set of globals (instance data) for +each application isn't technically difficult, but due to the large number +globals it would require substantial code changes and it wasn't done. Hence, +the build currently only builds static libraries which are then linked +into each application. + +NOTE: If you are building a library NLM that uses the OpenSSL static +libraries, you will still have to deal with the global variable issue. +This is because when you link in the OpenSSL code you bring in all the +globals. One possible solution for the global pointer variables is to +register memory functions with OpenSSL which allocate memory and charge it +to your library NLM (see the function CRYPTO_set_mem_functions). However, +be aware that now all memory allocated by OpenSSL is charged to your NLM. + + +CodeWarrior Tools and W2K +--------------------------- +There have been problems reported with the CodeWarrior Linker +(mwldnlm.exe) in the PDK 2.1 for NetWare when running on Windows 2000. The +problems cause the link step to fail. The only work around is to obtain an +updated linker from Metrowerks. It is expected Metrowerks will release +PDK 3.0 (in beta testing at this time - May, 2001) in the near future which +will fix these problems. + + +Makefile "vclean" +------------------ +The generated makefile has a "vclean" target which cleans up the build +directories. If you have been building successfully and suddenly +experience problems, use "vclean" (gmake -f netware\nlm.mak vclean) and retry. + + +"Undefined Symbol" Linker errors +-------------------------------- +There have been linker errors reported when doing a CLIB build. The problems +occur because some versions of the CLIB SDK import files inadvertently +left out some symbols. One symbol in particular is "_lrotl". The missing +functions are actually delivered in the binaries, but they were left out of +the import files. The issues should be fixed in the September 2001 release +of the NDK. If you experience the problems you can temporarily +work around it by manually adding the missing symbols to your version of +"clib.imp". diff --git a/Netware/build.bat b/Netware/build.bat new file mode 100644 index 0000000000..ee73da4dff --- /dev/null +++ b/Netware/build.bat @@ -0,0 +1,204 @@ +@echo off + +rem ======================================================================== +rem Batch file to automate building OpenSSL for NetWare. +rem +rem usage: +rem build [target] [debug opts] [assembly opts] [configure opts] +rem +rem target - "netware-clib" - CLib NetWare build +rem - "netware-libc" - LibC NKS NetWare build +rem +rem debug opts - "debug" - build debug +rem +rem assembly opts - "nw-mwasm" - use Metrowerks assembler +rem "nw-nasm" - use NASM assembler +rem "no-asm" - don't use assembly +rem +rem configure opts- all unrecognized arguments are passed to the +rem perl configure script +rem +rem If no arguments are specified the default is to build non-debug with +rem no assembly. NOTE: there is no default BLD_TARGET. +rem + + + +rem No assembly is the default - Uncomment section below to change +rem the assembler default +set ASM_MODE= +set ASSEMBLER= +set NO_ASM=no-asm + +rem Uncomment to default to the Metrowerks assembler +rem set ASM_MODE=nw-mwasm +rem set ASSEMBLER=Metrowerks +rem set NO_ASM= + +rem Uncomment to default to the NASM assembler +rem set ASM_MODE=nw-nasm +rem set ASSEMBLER=NASM +rem set NO_ASM= + +rem No default Bld target +set BLD_TARGET=no_target +rem set BLD_TARGET=netware-clib +rem set BLD_TARGET=netware-libc + + +rem Default to build non-debug +set DEBUG= + +rem Uncomment to default to debug build +rem set DEBUG=debug + + +set CONFIG_OPTS= +set ARG_PROCESSED=NO + + +rem Process command line args +:opts +if "a%1" == "a" goto endopt +if "%1" == "no-asm" set NO_ASM=no-asm +if "%1" == "no-asm" set ARG_PROCESSED=YES +if "%1" == "debug" set DEBUG=debug +if "%1" == "debug" set ARG_PROCESSED=YES +if "%1" == "nw-nasm" set ASM_MODE=nw-nasm +if "%1" == "nw-nasm" set ASSEMBLER=NASM +if "%1" == "nw-nasm" set NO_ASM= +if "%1" == "nw-nasm" set ARG_PROCESSED=YES +if "%1" == "nw-mwasm" set ASM_MODE=nw-mwasm +if "%1" == "nw-mwasm" set ASSEMBLER=Metrowerks +if "%1" == "nw-mwasm" set NO_ASM= +if "%1" == "nw-mwasm" set ARG_PROCESSED=YES +if "%1" == "netware-clib" set BLD_TARGET=netware-clib +if "%1" == "netware-clib" set ARG_PROCESSED=YES +if "%1" == "netware-libc" set BLD_TARGET=netware-libc +if "%1" == "netware-libc" set ARG_PROCESSED=YES + +rem If we didn't recognize the argument, consider it an option for config +if "%ARG_PROCESSED%" == "NO" set CONFIG_OPTS=%CONFIG_OPTS% %1 +if "%ARG_PROCESSED%" == "YES" set ARG_PROCESSED=NO + +shift +goto opts +:endopt + +rem make sure a valid BLD_TARGET was specified +if "%BLD_TARGET%" == "no_target" goto no_target + +rem build the nlm make file name which includes target and debug info +set NLM_MAKE= +if "%BLD_TARGET%" == "netware-clib" set NLM_MAKE=netware\nlm_clib +if "%BLD_TARGET%" == "netware-libc" set NLM_MAKE=netware\nlm_libc +if "%DEBUG%" == "" set NLM_MAKE=%NLM_MAKE%.mak +if "%DEBUG%" == "debug" set NLM_MAKE=%NLM_MAKE%_dbg.mak + +if "%NO_ASM%" == "no-asm" set ASM_MODE= +if "%NO_ASM%" == "no-asm" set ASSEMBLER= +if "%NO_ASM%" == "no-asm" set CONFIG_OPTS=%CONFIG_OPTS% no-asm +if "%NO_ASM%" == "no-asm" goto do_config + + +rem ================================================== +echo Generating x86 for %ASSEMBLER% assembler + +echo Bignum +cd crypto\bn\asm +perl x86.pl %ASM_MODE% > bn-nw.asm +cd ..\..\.. + +echo DES +cd crypto\des\asm +perl des-586.pl %ASM_MODE% > d-nw.asm +cd ..\..\.. + +echo "crypt(3)" + +cd crypto\des\asm +perl crypt586.pl %ASM_MODE% > y-nw.asm +cd ..\..\.. + +echo Blowfish + +cd crypto\bf\asm +perl bf-586.pl %ASM_MODE% > b-nw.asm +cd ..\..\.. + +echo CAST5 +cd crypto\cast\asm +perl cast-586.pl %ASM_MODE% > c-nw.asm +cd ..\..\.. + +echo RC4 +cd crypto\rc4\asm +perl rc4-586.pl %ASM_MODE% > r4-nw.asm +cd ..\..\.. + +echo MD5 +cd crypto\md5\asm +perl md5-586.pl %ASM_MODE% > m5-nw.asm +cd ..\..\.. + +echo SHA1 +cd crypto\sha\asm +perl sha1-586.pl %ASM_MODE% > s1-nw.asm +cd ..\..\.. + +echo RIPEMD160 +cd crypto\ripemd\asm +perl rmd-586.pl %ASM_MODE% > rm-nw.asm +cd ..\..\.. + +echo RC5\32 +cd crypto\rc5\asm +perl rc5-586.pl %ASM_MODE% > r5-nw.asm +cd ..\..\.. + +rem =============================================================== +rem +:do_config + +echo . +echo configure options: %CONFIG_OPTS% %BLD_TARGET% +echo . +perl configure %CONFIG_OPTS% %BLD_TARGET% + +perl util\mkfiles.pl >MINFO + +echo . +echo mk1mf.pl options: %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET% +echo . +perl util\mk1mf.pl %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET% >%NLM_MAKE% + +echo The makefile "%NLM_MAKE%" has been created use your maketool to +echo build (ex: gmake -f %NLM_MAKE%) +goto end + +rem =============================================================== +rem +:no_target +echo . +echo . No build target specified!!! +echo . +echo . usage: build [target] [debug opts] [assembly opts] [configure opts] +echo . +echo . target - "netware-clib" - CLib NetWare build +echo . - "netware-libc" - LibC NKS NetWare build +echo . +echo . debug opts - "debug" - build debug +echo . +echo . assembly opts - "nw-mwasm" - use Metrowerks assembler +echo . "nw-nasm" - use NASM assembler +echo . "no-asm" - don't use assembly +echo . +echo . configure opts- all unrecognized arguments are passed to the +echo . perl configure script +echo . +echo . If no debug or assembly opts are specified the default is to build +echo . non-debug without assembly +echo . + + +:end diff --git a/Netware/cpy_tests.bat b/Netware/cpy_tests.bat new file mode 100644 index 0000000000..c2f07c00c7 --- /dev/null +++ b/Netware/cpy_tests.bat @@ -0,0 +1,112 @@ +@echo off + +rem Batch file to copy OpenSSL stuff to a NetWare server for testing + +rem This batch file will create an "opensssl" directory at the root of the +rem specified NetWare drive and copy the required files to run the tests. +rem It should be run from inside the "openssl\netware" subdirectory. + +rem Usage: +rem cpy_tests.bat +rem - out_nw.dbg | out_nw +rem - any mapped drive letter +rem +rem example ( copy from debug build to m: dirve ): +rem cpy_tests.bat out_nw.dbg m: +rem +rem CAUTION: If a directory named OpenSSL exists on the target drive +rem it will be deleted first. + + +if "%1" == "" goto usage +if "%2" == "" goto usage + +rem Assume running in \openssl directory unless cpy_tests.bat exists then +rem it must be the \openssl\netware directory +set loc=. +if exist cpy_tests.bat set loc=.. + +rem make sure the local build subdirectory specified is valid +if not exist %loc%\%1\NUL goto invalid_dir + +rem make sure target drive is valid +if not exist %2\NUL goto invalid_drive + +rem If an OpenSSL directory exists on the target drive, remove it +if exist %2\openssl\NUL goto remove_openssl +goto do_copy + +:remove_openssl +echo . +echo OpenSSL directory exists on %2 - it will be removed! +pause +rmdir %2\openssl /s /q + +:do_copy +rem make an "openssl" directory and others at the root of the NetWare drive +mkdir %2\openssl +mkdir %2\openssl\test_out +mkdir %2\openssl\apps +mkdir %2\openssl\certs +mkdir %2\openssl\test + + +rem copy the test nlms +copy %loc%\%1\*.nlm %2\openssl\ + +rem copy the test perl script +copy %loc%\netware\do_tests.pl %2\openssl\ + +rem copy the certs directory stuff +xcopy %loc%\certs\*.* %2\openssl\certs\ /s + +rem copy the test directory stuff +copy %loc%\test\CAss.cnf %2\openssl\test\ +copy %loc%\test\Uss.cnf %2\openssl\test\ +copy %loc%\test\pkcs7.pem %2\openssl\test\ +copy %loc%\test\pkcs7-1.pem %2\openssl\test\ +copy %loc%\test\testcrl.pem %2\openssl\test\ +copy %loc%\test\testp7.pem %2\openssl\test\ +copy %loc%\test\testreq2.pem %2\openssl\test\ +copy %loc%\test\testrsa.pem %2\openssl\test\ +copy %loc%\test\testsid.pem %2\openssl\test\ +copy %loc%\test\testx509.pem %2\openssl\test\ +copy %loc%\test\v3-cert1.pem %2\openssl\test\ +copy %loc%\test\v3-cert2.pem %2\openssl\test\ + +rem copy the apps directory stuff +copy %loc%\apps\client.pem %2\openssl\apps\ +copy %loc%\apps\server.pem %2\openssl\apps\ +copy %loc%\apps\openssl.cnf %2\openssl\apps\ + +echo . +echo Tests copied +echo Run the test script at the console by typing: +echo "Perl \openssl\do_tests.pl" +echo . +echo Make sure the Search path includes the OpenSSL subdirectory + +goto end + +:invalid_dir +echo. +echo Invalid build directory specified: %1 +echo. +goto usage + +:invalid_drive +echo. +echo Invalid drive: %2 +echo. +goto usage + +:usage +echo. +echo usage: cpy_tests.bat [test subdirectory] [NetWare drive] +echo [test subdirectory] - out_nw_clib.dbg, out_nw_libc.dbg, etc. +echo [NetWare drive] - any mapped drive letter +echo. +echo example: cpy_test out_nw_clib.dbg M: +echo (copy from clib debug build area to M: drive) + +:end diff --git a/Netware/do_tests.pl b/Netware/do_tests.pl new file mode 100644 index 0000000000..f4e11272d3 --- /dev/null +++ b/Netware/do_tests.pl @@ -0,0 +1,585 @@ +# perl script to run OpenSSL tests + + +my $base_path = "\\openssl"; + +my $output_path = "$base_path\\test_out"; +my $cert_path = "$base_path\\certs"; +my $test_path = "$base_path\\test"; +my $app_path = "$base_path\\apps"; + +my $tmp_cert = "$output_path\\cert.tmp"; +my $OpenSSL_config = "$app_path\\openssl.cnf"; +my $log_file = "$output_path\\tests.log"; + +my $pause = 0; + + +# process the command line args to see if they wanted us to pause +# between executing each command +foreach $i (@ARGV) +{ + if ($i =~ /^-p$/) + { $pause=1; } +} + + + +main(); + + +############################################################################ +sub main() +{ + # delete all the output files in the output directory + unlink <$output_path\\*.*>; + + # open the main log file + open(OUT, ">$log_file") || die "unable to open $log_file\n"; + + + algorithm_tests(); + encryption_tests(); + pem_tests(); + verify_tests(); + ssl_tests(); + ca_tests(); + + close(OUT); + + print("\nCompleted running tests.\n\n"); + print("Check log file for errors: $log_file\n"); +} + +############################################################################ +sub algorithm_tests +{ + my $i; + my $outFile; + my @tests = ( rsa_test, destest, ideatest, bftest, shatest, sha1test, + md5test, dsatest, md2test, mdc2test, rc2test, rc4test, randtest, + dhtest, exptest ); + + print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "CRYPTO ALGORITHM TESTS:\n\n"); + + foreach $i (@tests) + { + $outFile = "$output_path\\$i.out"; + system("$i > $outFile"); + log_desc("Test: $i\.nlm:"); + log_output("", $outFile ); + } +} + +############################################################################ +sub encryption_tests +{ + my $i; + my $outFile; + my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb", + "des-ofb", "des-ede-ofb", "des-ede3-ofb", + "des-ecb", "des-ede", "des-ede3", "des-cbc", + "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb", + "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb", + "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb", + "bf-ofb", "bf-cbc" ); + + my $input = "$base_path\\do_tests.pl"; + my $cipher = "$output_path\\cipher.out"; + my $clear = "$output_path\\clear.out"; + + print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n"); + + foreach $i (@enc_tests) + { + log_desc("Testing: $i"); + + # do encryption + $outFile = "$output_path\\enc.out"; + system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher > $outFile" ); + log_output("Encrypting: $input --> $cipher", $outFile); + + # do decryption + $outFile = "$output_path\\dec.out"; + system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear > $outFile"); + log_output("Decrypting: $cipher --> $clear", $outFile); + + # compare files + $x = compare_files( $input, $clear, 1); + if ( $x == 0 ) + { + print( "SUCCESS - files match: $input, $clear\n"); + print( OUT "SUCCESS - files match: $input, $clear\n"); + } + else + { + print( "ERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + + do_wait(); + + # Now do the same encryption but use Base64 + + # do encryption B64 + $outFile = "$output_path\\B64enc.out"; + system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher > $outFile"); + log_output("Encrypting(B64): $cipher --> $clear", $outFile); + + # do decryption B64 + $outFile = "$output_path\\B64dec.out"; + system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear > $outFile"); + log_output("Decrypting(B64): $cipher --> $clear", $outFile); + + # compare files + $x = compare_files( $input, $clear, 1); + if ( $x == 0 ) + { + print( "SUCCESS - files match: $input, $clear\n"); + print( OUT "SUCCESS - files match: $input, $clear\n"); + } + else + { + print( "ERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + + do_wait(); + + } # end foreach + + # delete the temporary files + unlink($cipher); + unlink($clear); +} + + +############################################################################ +sub pem_tests +{ + my $i; + my $tmp_out; + my $outFile = "$output_path\\pem.out"; + + my %pem_tests = ( + "crl" => "testcrl.pem", + "pkcs7" => "testp7.pem", + "req" => "testreq2.pem", + "rsa" => "testrsa.pem", + "x509" => "testx509.pem", + "x509" => "v3-cert1.pem", + "sess_id" => "testsid.pem" ); + + + print( "\nRUNNING PEM TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "PEM TESTS:\n\n"); + + foreach $i (keys(%pem_tests)) + { + log_desc( "Testing: $i"); + + my $input = "$test_path\\$pem_tests{$i}"; + + $tmp_out = "$output_path\\$pem_tests{$i}"; + + if ($i ne "req" ) + { + system("openssl2 $i -in $input -out $tmp_out > $outFile"); + log_output( "openssl2 $i -in $input -out $tmp_out", $outFile); + } + else + { + system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config > $outFile"); + log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile ); + } + + $x = compare_files( $input, $tmp_out); + if ( $x == 0 ) + { + print( "SUCCESS - files match: $input, $tmp_out\n"); + print( OUT "SUCCESS - files match: $input, $tmp_out\n"); + } + else + { + print( "ERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + do_wait(); + + } # end foreach +} + + +############################################################################ +sub verify_tests +{ + my $i; + my $outFile = "$output_path\\verify.out"; + + my @cert_files = <$cert_path\\*.pem>; + + print( "\nRUNNING VERIFY TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "VERIFY TESTS:\n\n"); + + make_tmp_cert_file(); + + foreach $i (@cert_files) + { + system("openssl2 verify -CAfile $tmp_cert $i >$outFile"); + log_desc("Verifying cert: $i"); + log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile); + } +} + + +############################################################################ +sub ssl_tests +{ + my $outFile = "$output_path\\ssl_tst.out"; + + print( "\nRUNNING SSL TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "SSL TESTS:\n\n"); + + make_tmp_cert_file(); + + system("ssltest -ssl2 >$outFile"); + log_desc("Testing sslv2:"); + log_output("ssltest -ssl2", $outFile); + + system("ssltest -ssl2 -server_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2 with server authentication:"); + log_output("ssltest -ssl2 -server_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -ssl2 -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2 with client authentication:"); + log_output("ssltest -ssl2 -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2 with both client and server authentication:"); + log_output("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -ssl3 >$outFile"); + log_desc("Testing sslv3:"); + log_output("ssltest -ssl3", $outFile); + + system("ssltest -ssl3 -server_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv3 with server authentication:"); + log_output("ssltest -ssl3 -server_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -ssl3 -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv3 with client authentication:"); + log_output("ssltest -ssl3 -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv3 with both client and server authentication:"); + log_output("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest >$outFile"); + log_desc("Testing sslv2/sslv3:"); + log_output("ssltest", $outFile); + + system("ssltest -server_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2/sslv3 with server authentication:"); + log_output("ssltest -server_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2/sslv3 with client authentication:"); + log_output("ssltest -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2/sslv3 with both client and server authentication:"); + log_output("ssltest -server_auth -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -ssl2 >$outFile"); + log_desc("Testing sslv2 via BIO pair:"); + log_output("ssltest -bio_pair -ssl2", $outFile); + + system("ssltest -bio_pair -dhe1024dsa -v >$outFile"); + log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:"); + log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile); + + system("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2 with server authentication via BIO pair:"); + log_output("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2 with client authentication via BIO pair:"); + log_output("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2 with both client and server authentication via BIO pair:"); + log_output("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -ssl3 >$outFile"); + log_desc("Testing sslv3 via BIO pair:"); + log_output("ssltest -bio_pair -ssl3", $outFile); + + system("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv3 with server authentication via BIO pair:"); + log_output("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv3 with client authentication via BIO pair:"); + log_output("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv3 with both client and server authentication via BIO pair:"); + log_output("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair >$outFile"); + log_desc("Testing sslv2/sslv3 via BIO pair:"); + log_output("ssltest -bio_pair", $outFile); + + system("ssltest -bio_pair -server_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:"); + log_output("ssltest -bio_pair -server_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:"); + log_output("ssltest -bio_pair -client_auth -CAfile $tmp_cert", $outFile); + + system("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert >$outFile"); + log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:"); + log_output("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert", $outFile); +} + + +############################################################################ +sub ca_tests +{ + my $outFile = "$output_path\\ca_tst.out"; + + my($CAkey) = "$output_path\\keyCA.ss"; + my($CAcert) = "$output_path\\certCA.ss"; + my($CAserial) = "$output_path\\certCA.srl"; + my($CAreq) = "$output_path\\reqCA.ss"; + my($CAreq2) = "$output_path\\req2CA.ss"; + + my($CAconf) = "$test_path\\CAss.cnf"; + + my($Uconf) = "$test_path\\Uss.cnf"; + + my($Ukey) = "$output_path\\keyU.ss"; + my($Ureq) = "$output_path\\reqU.ss"; + my($Ucert) = "$output_path\\certU.ss"; + + print( "\nRUNNING CA TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "CA TESTS:\n"); + + system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new >$outFile"); + log_desc("Make a certificate request using req:"); + log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile); + + system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >$outFile"); + log_desc("Convert the certificate request into a self signed certificate using x509:"); + log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile); + + system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >$outFile"); + log_desc("Convert a certificate into a certificate request using 'x509':"); + log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile); + + system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout >$outFile"); + log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile); + + system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout >$outFile"); + log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile); + + system("openssl2 verify -CAfile $CAcert $CAcert >$outFile"); + log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile); + + system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new >$outFile"); + log_desc("Make another certificate request using req:"); + log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile); + + system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial >$outFile"); + log_desc("Sign certificate request with the just created CA via x509:"); + log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile); + + system("openssl2 verify -CAfile $CAcert $Ucert >$outFile"); + log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile); + + system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert >$outFile"); + log_desc("Certificate details"); + log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile); + + print(OUT "-- \n"); + print(OUT "The generated CA certificate is $CAcert\n"); + print(OUT "The generated CA private key is $CAkey\n"); + print(OUT "The current CA signing serial number is in $CAserial\n"); + + print(OUT "The generated user certificate is $Ucert\n"); + print(OUT "The generated user private key is $Ukey\n"); + print(OUT "--\n"); +} + +############################################################################ +sub log_output( $ $ ) +{ + my( $desc, $file ) = @_; + my($error) = 0; + my($key); + my($msg); + + if ($desc) + { + print("$desc\n"); + print(OUT "$desc\n"); + } + + # loop waiting for test program to complete + while ( stat($file) == 0) + { print(". "); sleep(1); } + + + # copy test output to log file + open(IN, "<$file"); + while () + { + print(OUT $_); + if ( $_ =~ /ERROR/ ) + { + $error = 1; + } + } + # close and delete the temporary test output file + close(IN); + unlink($file); + + if ( $error == 0 ) + { + $msg = "Test Succeeded"; + } + else + { + $msg = "Test Failed"; + } + + print(OUT "$msg\n"); + + if ($pause) + { + print("$msg - press ENTER to continue..."); + $key = getc; + print("\n"); + } + + # Several of the testing scripts run a loop loading the + # same NLM with different options. + # On slow NetWare machines there appears to be some delay in the + # OS actually unloading the test nlms and the OS complains about. + # the NLM already being loaded. This additional pause is to + # to help provide a little more time for unloading before trying to + # load again. + sleep(1); +} + + +############################################################################ +sub log_desc( $ ) +{ + my( $desc ) = @_; + + print("\n"); + print("$desc\n"); + + print(OUT "\n"); + print(OUT "$desc\n"); + print(OUT "======================================\n"); +} + +############################################################################ +sub compare_files( $ $ $ ) +{ + my( $file1, $file2, $binary ) = @_; + my( $n1, $n2, $b1, $b2 ); + my($ret) = 1; + + open(IN0, $file1) || die "\nunable to open $file1\n"; + open(IN1, $file2) || die "\nunable to open $file2\n"; + + if ($binary) + { + binmode IN0; + binmode IN1; + } + + for (;;) + { + $n1 = read(IN0, $b1, 512); + $n2 = read(IN1, $b2, 512); + + if ($n1 != $n2) {last;} + if ($b1 != $b2) {last;} + + if ($n1 == 0) + { + $ret = 0; + last; + } + } + close(IN0); + close(IN1); + return($ret); +} + +############################################################################ +sub do_wait() +{ + my($key); + + if ($pause) + { + print("Press ENTER to continue..."); + $key = getc; + print("\n"); + } +} + + +############################################################################ +sub make_tmp_cert_file() +{ + my @cert_files = <$cert_path\\*.pem>; + + # delete the file if it already exists + unlink($tmp_cert); + + open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n"; + + print("building temporary cert file\n"); + + # create a temporary cert file that contains all the certs + foreach $i (@cert_files) + { + open( IN_CERT, $i ) || die "\nunable to open $i\n"; + + for(;;) + { + $n = sysread(IN_CERT, $data, 1024); + + if ($n == 0) + { + close(IN_CERT); + last; + }; + + syswrite(TMP_CERT, $data, $n); + } + } + + close( TMP_CERT ); +} diff --git a/Netware/globals.txt b/Netware/globals.txt new file mode 100644 index 0000000000..fe05d390cf --- /dev/null +++ b/Netware/globals.txt @@ -0,0 +1,254 @@ +An initial review of the OpenSSL code was done to determine how many +global variables where present. The idea was to determine the amount of +work required to pull the globals into an instance data structure in +order to build a Library NLM for NetWare. This file contains the results +of the review. Each file is listed along with the globals in the file. +The initial review was done very quickly so this list is probably +not a comprehensive list. + + +cryptlib.c +=========================================== + +static STACK *app_locks=NULL; + +static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; + +static void (MS_FAR *locking_callback)(int mode,int type, + const char *file,int line)=NULL; +static int (MS_FAR *add_lock_callback)(int *pointer,int amount, + int type,const char *file,int line)=NULL; +static unsigned long (MS_FAR *id_callback)(void)=NULL; +static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) + (const char *file,int line)=NULL; +static void (MS_FAR *dynlock_lock_callback)(int mode, + struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; +static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, + const char *file,int line)=NULL; + + +mem.c +=========================================== +static int allow_customize = 1; /* we provide flexible functions for */ +static int allow_customize_debug = 1;/* exchanging memory-related functions at + +/* may be changed as long as `allow_customize' is set */ +static void *(*malloc_locked_func)(size_t) = malloc; +static void (*free_locked_func)(void *) = free; +static void *(*malloc_func)(size_t) = malloc; +static void *(*realloc_func)(void *, size_t)= realloc; +static void (*free_func)(void *) = free; + +/* use default functions from mem_dbg.c */ +static void (*malloc_debug_func)(void *,int,const char *,int,int) + = CRYPTO_dbg_malloc; +static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) + = CRYPTO_dbg_realloc; +static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; +static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; +static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; + + +mem_dbg.c +=========================================== +static int mh_mode=CRYPTO_MEM_CHECK_OFF; +static unsigned long order = 0; /* number of memory requests */ +static LHASH *mh=NULL; /* hash-table of memory requests (address as key) */ + +static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's */ +static long options = /* extra information to be recorded */ +static unsigned long disabling_thread = 0; + + +err.c +=========================================== +static LHASH *error_hash=NULL; +static LHASH *thread_hash=NULL; + +several files have routines with static "init" to track if error strings + have been loaded ( may not want seperate error strings for each process ) + The "init" variable can't be left "global" because the error has is a ptr + that is malloc'ed. The malloc'ed error has is dependant on the "init" + vars. + + files: + pem_err.c + cpt_err.c + pk12err.c + asn1_err.c + bio_err.c + bn_err.c + buf_err.c + comp_err.c + conf_err.c + cpt_err.c + dh_err.c + dsa_err.c + dso_err.c + evp_err.c + obj_err.c + pkcs7err.c + rand_err.c + rsa_err.c + rsar_err.c + ssl_err.c + x509_err.c + v3err.c + err.c + +These file have similar "init" globals but they are for other stuff not +error strings: + + bn_lib.c + ecc_enc.c + s23_clnt.c + s23_meth.c + s23_srvr.c + s2_clnt.c + s2_lib.c + s2_meth.c + s2_srvr.c + s3_clnt.c + s3_lib.c + s3_srvr.c + t1_clnt.c + t1_meth.c + t1_srvr.c + +rand_lib.c +=========================================== +static RAND_METHOD *rand_meth= &rand_ssleay_meth; + +md_rand.c +=========================================== +static int state_num=0,state_index=0; +static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH]; +static unsigned char md[MD_DIGEST_LENGTH]; +static long md_count[2]={0,0}; +static double entropy=0; +static int initialized=0; + +/* This should be set to 1 only when ssleay_rand_add() is called inside + an already locked state, so it doesn't try to lock and thereby cause + a hang. And it should always be reset back to 0 before unlocking. */ +static int add_do_not_lock=0; + +obj_dat.c +============================================ +static int new_nid=NUM_NID; +static LHASH *added=NULL; + +b_sock.c +=========================================== +static unsigned long BIO_ghbn_hits=0L; +static unsigned long BIO_ghbn_miss=0L; +static struct ghbn_cache_st + { + char name[129]; + struct hostent *ent; + unsigned long order; + } ghbn_cache[GHBN_NUM]; + +static int wsa_init_done=0; + + +bio_lib.c +=========================================== +static STACK_OF(CRYPTO_EX_DATA_FUNCS) *bio_meth=NULL; +static int bio_meth_num=0; + + +bn_lib.c +======================================== +static int bn_limit_bits=0; +static int bn_limit_num=8; /* (1<