diff options
| -rw-r--r-- | lib/libcrypto/asn1/a_utctm.c | 3 | ||||
| -rw-r--r-- | lib/libcrypto/des/fcrypt.c | 8 | ||||
| -rw-r--r-- | lib/libcrypto/des/read_pwd.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/dsa/dsa_key.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/dsa/dsa_ossl.c | 56 | ||||
| -rw-r--r-- | lib/libcrypto/engine/Makefile.ssl | 2 | ||||
| -rw-r--r-- | lib/libcrypto/engine/eng_all.c | 5 | ||||
| -rw-r--r-- | lib/libcrypto/engine/engine.h | 2 | ||||
| -rw-r--r-- | lib/libcrypto/evp/evp_test.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/objects/Makefile.ssl | 1 | ||||
| -rw-r--r-- | lib/libcrypto/objects/obj_dat.pl | 3 | ||||
| -rw-r--r-- | lib/libcrypto/rand/randfile.c | 14 | ||||
| -rw-r--r-- | lib/libcrypto/util/domd | 4 | ||||
| -rw-r--r-- | lib/libssl/s3_srvr.c | 4 | ||||
| -rw-r--r-- | lib/libssl/ssl_locl.h | 2 | ||||
| -rw-r--r-- | lib/libssl/test/Makefile.ssl | 15 |
16 files changed, 44 insertions, 85 deletions
diff --git a/lib/libcrypto/asn1/a_utctm.c b/lib/libcrypto/asn1/a_utctm.c index dbb4a42c9d1..ed2d827db2f 100644 --- a/lib/libcrypto/asn1/a_utctm.c +++ b/lib/libcrypto/asn1/a_utctm.c @@ -222,7 +222,6 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) { struct tm *tm; - struct tm data; int offset; int year; @@ -239,7 +238,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) t -= offset*60; /* FIXME: may overflow in extreme cases */ - tm = OPENSSL_gmtime(&t, &data); + { struct tm data; tm = OPENSSL_gmtime(&t, &data); } #define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 year = g2(s->data); diff --git a/lib/libcrypto/des/fcrypt.c b/lib/libcrypto/des/fcrypt.c index 387d97f28d1..2758c32656a 100644 --- a/lib/libcrypto/des/fcrypt.c +++ b/lib/libcrypto/des/fcrypt.c @@ -1,5 +1,13 @@ /* NOCW */ #include <stdio.h> +#ifdef _OSD_POSIX +#ifndef CHARSET_EBCDIC +#define CHARSET_EBCDIC 1 +#endif +#endif +#ifdef CHARSET_EBCDIC +#include <openssl/ebcdic.h> +#endif /* This version of crypt has been developed from my MIT compatible * DES library. diff --git a/lib/libcrypto/des/read_pwd.c b/lib/libcrypto/des/read_pwd.c index 54e0e2e6b6c..00000190f80 100644 --- a/lib/libcrypto/des/read_pwd.c +++ b/lib/libcrypto/des/read_pwd.c @@ -211,7 +211,7 @@ static int noecho_fgets(char *buf, int size, FILE *tty); #endif static jmp_buf save; -int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt, +int des_read_pw_string(char *buf, int length, const char *prompt, int verify) { char buff[BUFSIZ]; diff --git a/lib/libcrypto/dsa/dsa_key.c b/lib/libcrypto/dsa/dsa_key.c index bf718c1c6d2..ef87c3e6372 100644 --- a/lib/libcrypto/dsa/dsa_key.c +++ b/lib/libcrypto/dsa/dsa_key.c @@ -64,8 +64,6 @@ #include <openssl/dsa.h> #include <openssl/rand.h> -extern int __BN_rand_range(BIGNUM *r, BIGNUM *range); - int DSA_generate_key(DSA *dsa) { int ok=0; @@ -82,7 +80,7 @@ int DSA_generate_key(DSA *dsa) priv_key=dsa->priv_key; do - if (!__BN_rand_range(priv_key,dsa->q)) goto err; + if (!BN_rand_range(priv_key,dsa->q)) goto err; while (BN_is_zero(priv_key)); if (dsa->pub_key == NULL) diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c index 07addc94d9e..37dd5fc9940 100644 --- a/lib/libcrypto/dsa/dsa_ossl.c +++ b/lib/libcrypto/dsa/dsa_ossl.c @@ -66,8 +66,6 @@ #include <openssl/asn1.h> #include <openssl/engine.h> -int __BN_rand_range(BIGNUM *r, BIGNUM *range); - static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, @@ -193,7 +191,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) /* Get random k */ do - if (!__BN_rand_range(&k, dsa->q)) goto err; + if (!BN_rand_range(&k, dsa->q)) goto err; while (BN_is_zero(&k)); if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) @@ -344,55 +342,3 @@ static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, { return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); } - - -/* random number r: 0 <= r < range */ -int __BN_rand_range(BIGNUM *r, BIGNUM *range) - { - int n; - - if (range->neg || BN_is_zero(range)) - { - /* BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE); */ - return 0; - } - - n = BN_num_bits(range); /* n > 0 */ - - if (n == 1) - { - if (!BN_zero(r)) return 0; - } - else if (BN_is_bit_set(range, n - 2)) - { - do - { - /* range = 11..._2, so each iteration succeeds with probability >= .75 */ - if (!BN_rand(r, n, -1, 0)) return 0; - } - while (BN_cmp(r, range) >= 0); - } - else - { - /* range = 10..._2, - * so 3*range (= 11..._2) is exactly one bit longer than range */ - do - { - if (!BN_rand(r, n + 1, -1, 0)) return 0; - /* If r < 3*range, use r := r MOD range - * (which is either r, r - range, or r - 2*range). - * Otherwise, iterate once more. - * Since 3*range = 11..._2, each iteration succeeds with - * probability >= .75. */ - if (BN_cmp(r ,range) >= 0) - { - if (!BN_sub(r, r, range)) return 0; - if (BN_cmp(r, range) >= 0) - if (!BN_sub(r, r, range)) return 0; - } - } - while (BN_cmp(r, range) >= 0); - } - - return 1; - } diff --git a/lib/libcrypto/engine/Makefile.ssl b/lib/libcrypto/engine/Makefile.ssl index 8ee3b7d2dd0..5172028f93a 100644 --- a/lib/libcrypto/engine/Makefile.ssl +++ b/lib/libcrypto/engine/Makefile.ssl @@ -74,7 +74,7 @@ tags: errors: $(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \ - -nostatic -staticloader -write hw_*.c + -nostatic -staticloader -write hw_*.c; \ tests: diff --git a/lib/libcrypto/engine/eng_all.c b/lib/libcrypto/engine/eng_all.c index a35b3db9e86..bc504654225 100644 --- a/lib/libcrypto/engine/eng_all.c +++ b/lib/libcrypto/engine/eng_all.c @@ -96,6 +96,9 @@ void ENGINE_load_builtin_engines(void) #ifndef OPENSSL_NO_HW_SUREWARE ENGINE_load_sureware(); #endif +#ifndef OPENSSL_NO_HW_4758_CCA + ENGINE_load_4758cca(); +#endif #ifdef OPENSSL_OPENBSD_DEV_CRYPTO ENGINE_load_openbsd_dev_crypto(); #endif @@ -114,5 +117,3 @@ void ENGINE_setup_openbsd(void) { openbsd_default_loaded=1; } #endif - - diff --git a/lib/libcrypto/engine/engine.h b/lib/libcrypto/engine/engine.h index 97f5de9e129..fd17ff616d2 100644 --- a/lib/libcrypto/engine/engine.h +++ b/lib/libcrypto/engine/engine.h @@ -312,7 +312,7 @@ void ENGINE_load_builtin_engines(void); #ifdef __OpenBSD__ void ENGINE_load_cryptodev(void); #endif - + /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation * "registry" handling. */ unsigned int ENGINE_get_table_flags(void); diff --git a/lib/libcrypto/evp/evp_test.c b/lib/libcrypto/evp/evp_test.c index 90294ef686e..1bfffb34cf3 100644 --- a/lib/libcrypto/evp/evp_test.c +++ b/lib/libcrypto/evp/evp_test.c @@ -118,7 +118,7 @@ static char *sstrsep(char **string, const char *delim) } static unsigned char *ustrsep(char **p,const char *sep) - { return (unsigned char *)sstrsep(p,sep); } + { return (unsigned char *)sstrsep((char **)p,sep); } static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn, const unsigned char *iv,int in, @@ -358,7 +358,7 @@ int main(int argc,char **argv) p[-1] = '\0'; encdec = -1; } else { - encdec = atoi(sstrsep(&p,"\n")); + encdec = atoi(strsep(&p,"\n")); } diff --git a/lib/libcrypto/objects/Makefile.ssl b/lib/libcrypto/objects/Makefile.ssl index 1e990107d32..a9f01ffc0d5 100644 --- a/lib/libcrypto/objects/Makefile.ssl +++ b/lib/libcrypto/objects/Makefile.ssl @@ -15,6 +15,7 @@ MAKEDEPPROG= makedepend MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile.ssl AR= ar r +PERL= perl CFLAGS= $(INCLUDES) $(CFLAG) diff --git a/lib/libcrypto/objects/obj_dat.pl b/lib/libcrypto/objects/obj_dat.pl index 85ab2098097..d0371661f97 100644 --- a/lib/libcrypto/objects/obj_dat.pl +++ b/lib/libcrypto/objects/obj_dat.pl @@ -1,4 +1,7 @@ #!/usr/local/bin/perl + +# fixes bug in floating point emulation on sparc64 when +# this script produces off-by-one output on sparc64 use integer; sub obj_cmp diff --git a/lib/libcrypto/rand/randfile.c b/lib/libcrypto/rand/randfile.c index 4b221e08f5b..1c3e68ef317 100644 --- a/lib/libcrypto/rand/randfile.c +++ b/lib/libcrypto/rand/randfile.c @@ -99,12 +99,11 @@ int RAND_load_file(const char *file, long bytes) if (file == NULL) return(0); i=stat(file,&sb); - if (i < 0) { - /* If the state fails, put some crap in anyway */ - RAND_add(&sb,sizeof(sb),0); - return(0); - } + /* If the state fails, put some crap in anyway */ + RAND_add(&sb,sizeof(sb),0); + if (i < 0) return(0); if (bytes == 0) return(ret); + in=fopen(file,"rb"); if (in == NULL) goto err; if (sb.st_mode & (S_IFBLK | S_IFCHR)) { @@ -218,12 +217,12 @@ err: const char *RAND_file_name(char *buf, size_t size) { - char *s = NULL; + char *s=NULL; int ok = 0; struct stat sb; if (issetugid() == 0) - s = getenv("RANDFILE"); + s=getenv("RANDFILE"); if (s != NULL && *s && strlen(s) + 1 < size) { strlcpy(buf,s,size); @@ -272,4 +271,3 @@ const char *RAND_file_name(char *buf, size_t size) #endif return(buf); } - diff --git a/lib/libcrypto/util/domd b/lib/libcrypto/util/domd index 8cbe383c165..aa99cb05236 100644 --- a/lib/libcrypto/util/domd +++ b/lib/libcrypto/util/domd @@ -18,11 +18,11 @@ if [ "$MAKEDEPEND" = "gcc" ]; then sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp gcc -D OPENSSL_DOING_MAKEDEPEND -M $@ >> Makefile.tmp - ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new + perl $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new rm -f Makefile.tmp else ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@ - ${PERL} $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new + perl $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new fi mv Makefile.new Makefile.ssl # unfake the presence of Kerberos diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index dfffed7165e..cef8d4f81e2 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -114,8 +114,6 @@ #include <stdio.h> -#include "ssl_locl.h" -#include "kssl_lcl.h" #include <openssl/buffer.h> #include <openssl/rand.h> #include <openssl/objects.h> @@ -123,8 +121,10 @@ #include <openssl/x509.h> #ifndef OPENSSL_NO_KRB5 #include <openssl/krb5_asn.h> +#include "kssl_lcl.h" #endif #include <openssl/md5.h> +#include "ssl_locl.h" static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 0029edc3a6c..6afb0f4cdf7 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -116,7 +116,7 @@ #include <string.h> #include <errno.h> -#include <e_os.h> +#include "e_os.h" #include <openssl/buffer.h> #include <openssl/comp.h> diff --git a/lib/libssl/test/Makefile.ssl b/lib/libssl/test/Makefile.ssl index 952ab163710..49f2cc9a23f 100644 --- a/lib/libssl/test/Makefile.ssl +++ b/lib/libssl/test/Makefile.ssl @@ -14,6 +14,7 @@ MAKEFILE= Makefile.ssl MAKE= make -f $(MAKEFILE) MAKEDEPPROG= makedepend MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) +PERL= perl PEX_LIBS= EX_LIBS= #-lnsl -lsocket @@ -234,7 +235,7 @@ test_gen: @echo "Generate and verify a certificate request" @sh ./testgen -test_ss: +test_ss keyU.ss certU.ss certCA.ss: testss @echo "Generate and certify a test certificate" @sh ./testss @@ -242,13 +243,17 @@ test_engine: @echo "Manipulate the ENGINE structures" ./$(ENGINETEST) -test_ssl: +test_ssl: keyU.ss certU.ss certCA.ss @echo "test SSL protocol" - @sh ./testssl + @sh ./testssl keyU.ss certU.ss certCA.ss test_ca: - @echo "Generate and certify a test certificate via the 'ca' program" - @sh ./testca + @if ../apps/openssl no-rsa; then \ + echo "skipping CA.sh test -- requires RSA"; \ + else \ + echo "Generate and certify a test certificate via the 'ca' program"; \ + sh ./testca; \ + fi test_rd: #$(RDTEST) # @echo "test Rijndael" |