- client: Update client libraries and add debug libraries.

zlib 1.2.3
        OpenSSL 0.9.8g
        LibCurl 7.17.1
        
    curl/
        <Many Files>
    openssl/
        <Many Files>
    zlib/
        <Many Files>

svn path=/trunk/boinc/; revision=14359
This commit is contained in:
Rom Walton 2007-12-05 17:56:34 +00:00
parent 4e5f3b4c18
commit f10786c135
19 changed files with 411 additions and 97 deletions

View File

@ -12117,3 +12117,16 @@ Charlie 4 Dec 2007
lib/
mac/
QCrashReport.c
Rom 5 Dec 2007
- client: Update client libraries and add debug libraries.
zlib 1.2.3
OpenSSL 0.9.8g
LibCurl 7.17.1
curl/
<Many Files>
openssl/
<Many Files>
zlib/
<Many Files>

View File

@ -322,6 +322,17 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
#define I2D_OF(type) int (*)(type *,unsigned char **)
#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
#define CHECKED_D2I_OF(type, d2i) \
((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
#define CHECKED_I2D_OF(type, i2d) \
((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
#define CHECKED_NEW_OF(type, xnew) \
((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
#define CHECKED_PTR_OF(type, p) \
((void*) (1 ? p : (type*)0))
#define CHECKED_PPTR_OF(type, p) \
((void**) (1 ? p : (type**)0))
#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
@ -902,23 +913,41 @@ int ASN1_object_size(int constructed, int length, int tag);
/* Used to implement other functions */
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
#define ASN1_dup_of(type,i2d,d2i,x) \
((type *(*)(I2D_OF(type),D2I_OF(type),type *))openssl_fcast(ASN1_dup))(i2d,d2i,x)
((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
CHECKED_D2I_OF(type, d2i), \
CHECKED_PTR_OF(type, x)))
#define ASN1_dup_of_const(type,i2d,d2i,x) \
((type *(*)(I2D_OF_const(type),D2I_OF(type),type *))openssl_fcast(ASN1_dup))(i2d,d2i,x)
((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
CHECKED_D2I_OF(type, d2i), \
CHECKED_PTR_OF(const type, x)))
void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
#ifndef OPENSSL_NO_FP_API
void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
((type *(*)(type *(*)(void),D2I_OF(type),FILE *,type **))openssl_fcast(ASN1_d2i_fp))(xnew,d2i,in,x)
((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
CHECKED_D2I_OF(type, d2i), \
in, \
CHECKED_PPTR_OF(type, x)))
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x);
#define ASN1_i2d_fp_of(type,i2d,out,x) \
((int (*)(I2D_OF(type),FILE *,type *))openssl_fcast(ASN1_i2d_fp))(i2d,out,x)
(ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
out, \
CHECKED_PTR_OF(type, x)))
#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
((int (*)(I2D_OF_const(type),FILE *,type *))openssl_fcast(ASN1_i2d_fp))(i2d,out,x)
(ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
out, \
CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
#endif
@ -927,14 +956,26 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
#ifndef OPENSSL_NO_BIO
void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
((type *(*)(type *(*)(void),D2I_OF(type),BIO *,type **))openssl_fcast(ASN1_d2i_bio))(xnew,d2i,in,x)
((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
CHECKED_D2I_OF(type, d2i), \
in, \
CHECKED_PPTR_OF(type, x)))
void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
#define ASN1_i2d_bio_of(type,i2d,out,x) \
((int (*)(I2D_OF(type),BIO *,type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x)
(ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
out, \
CHECKED_PTR_OF(type, x)))
#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
((int (*)(I2D_OF_const(type),BIO *,const type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x)
(ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
out, \
CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
@ -977,8 +1018,12 @@ void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
ASN1_OCTET_STRING **oct);
#define ASN1_pack_string_of(type,obj,i2d,oct) \
((ASN1_STRING *(*)(type *,I2D_OF(type),ASN1_OCTET_STRING **))openssl_fcast(ASN1_pack_string))(obj,i2d,oct)
(ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
CHECKED_I2D_OF(type, i2d), \
oct))
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
void ASN1_STRING_set_default_mask(unsigned long mask);

View File

@ -129,8 +129,8 @@ extern "C" {
/* dgram BIO stuff */
#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */
#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally
* connected socket to be
* passed in */
* connected socket to be
* passed in */
#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
@ -146,14 +146,14 @@ extern "C" {
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this
* if asking the kernel
* fails */
* MTU. want to use this
* if asking the kernel
* fails */
#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU
* was exceed in the
* previous write
* operation */
* was exceed in the
* previous write
* operation */
#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */

View File

@ -245,8 +245,18 @@ extern "C" {
#define BN_FLG_MALLOCED 0x01
#define BN_FLG_STATIC_DATA 0x02
#define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing,
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
* BN_div() will call BN_div_no_branch,
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
*/
#ifndef OPENSSL_NO_DEPRECATED
#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
/* avoid leaking exponent information through timings
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
#endif
#ifndef OPENSSL_NO_DEPRECATED
#define BN_FLG_FREE 0x8000 /* used for debuging */
#endif
@ -534,7 +544,7 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
#define BN_BLINDING_NO_UPDATE 0x00000001
#define BN_BLINDING_NO_RECREATE 0x00000002
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
@ -546,7 +556,7 @@ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
@ -775,6 +785,7 @@ void ERR_load_BN_strings(void);
#define BN_F_BN_CTX_NEW 106
#define BN_F_BN_CTX_START 129
#define BN_F_BN_DIV 107
#define BN_F_BN_DIV_NO_BRANCH 138
#define BN_F_BN_DIV_RECP 130
#define BN_F_BN_EXP 123
#define BN_F_BN_EXPAND2 108
@ -793,6 +804,7 @@ void ERR_load_BN_strings(void);
#define BN_F_BN_MOD_EXP_RECP 125
#define BN_F_BN_MOD_EXP_SIMPLE 126
#define BN_F_BN_MOD_INVERSE 110
#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
#define BN_F_BN_MOD_LSHIFT_QUICK 119
#define BN_F_BN_MOD_MUL_RECIPROCAL 111
#define BN_F_BN_MOD_SQRT 121

View File

@ -114,6 +114,7 @@ typedef void conf_finish_func(CONF_IMODULE *md);
#define CONF_MFLAGS_SILENT 0x4
#define CONF_MFLAGS_NO_DSO 0x8
#define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
#define CONF_MFLAGS_DEFAULT_SECTION 0x20
int CONF_set_default_method(CONF_METHOD *meth);
void CONF_set_nconf(CONF *conf,LHASH *hash);

View File

@ -67,9 +67,8 @@
extern "C" {
#endif
#define DTLS1_VERSION 0x0100
#define DTLS1_VERSION_MAJOR 0x01
#define DTLS1_VERSION_MINOR 0x00
#define DTLS1_VERSION 0xFEFF
#define DTLS1_BAD_VER 0x0100
#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
@ -83,7 +82,7 @@ extern "C" {
#define DTLS1_HM_BAD_FRAGMENT -2
#define DTLS1_HM_FRAGMENT_RETRY -3
#define DTLS1_CCS_HEADER_LENGTH 3
#define DTLS1_CCS_HEADER_LENGTH 1
#define DTLS1_AL_HEADER_LENGTH 7

View File

@ -471,6 +471,7 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
#define EC_F_EC_POINT_SET_TO_INFINITY 127
#define EC_F_EC_PRE_COMP_DUP 207
#define EC_F_EC_PRE_COMP_NEW 196
#define EC_F_EC_WNAF_MUL 187
#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
#define EC_F_I2D_ECPARAMETERS 190

View File

@ -766,6 +766,14 @@ const EVP_CIPHER *EVP_camellia_256_cfb128(void);
const EVP_CIPHER *EVP_camellia_256_ofb(void);
#endif
#ifndef OPENSSL_NO_SEED
const EVP_CIPHER *EVP_seed_ecb(void);
const EVP_CIPHER *EVP_seed_cbc(void);
const EVP_CIPHER *EVP_seed_cfb128(void);
# define EVP_seed_cfb EVP_seed_cfb128
const EVP_CIPHER *EVP_seed_ofb(void);
#endif
void OPENSSL_add_all_algorithms_noconf(void);
void OPENSSL_add_all_algorithms_conf(void);
@ -963,6 +971,7 @@ void ERR_load_EVP_strings(void);
#define EVP_R_UNSUPPORTED_SALT_TYPE 126
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
#define EVP_R_SEED_KEY_SETUP_FAILED 162
#ifdef __cplusplus
}

View File

@ -3406,3 +3406,28 @@
#define LN_camellia_256_cfb8 "camellia-256-cfb8"
#define NID_camellia_256_cfb8 765
#define SN_kisa "KISA"
#define LN_kisa "kisa"
#define NID_kisa 773
#define OBJ_kisa OBJ_member_body,410L,200004L
#define SN_seed_ecb "SEED-ECB"
#define LN_seed_ecb "seed-ecb"
#define NID_seed_ecb 776
#define OBJ_seed_ecb OBJ_kisa,1L,3L
#define SN_seed_cbc "SEED-CBC"
#define LN_seed_cbc "seed-cbc"
#define NID_seed_cbc 777
#define OBJ_seed_cbc OBJ_kisa,1L,4L
#define SN_seed_cfb128 "SEED-CFB"
#define LN_seed_cfb128 "seed-cfb"
#define NID_seed_cfb128 779
#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
#define SN_seed_ofb128 "SEED-OFB"
#define LN_seed_ofb128 "seed-ofb"
#define NID_seed_ofb128 778
#define OBJ_seed_ofb128 OBJ_kisa,1L,6L

View File

@ -469,7 +469,7 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
void *data, STACK_OF(ASN1_OBJECT) *sk);
#define ASN1_STRING_encode_of(type,s,i2d,data,sk) \
((ASN1_STRING *(*)(ASN1_STRING *,I2D_OF(type),type *,STACK_OF(ASN1_OBJECT) *))openssl_fcast(ASN1_STRING_encode))(s,i2d,data,sk)
ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk)
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);

View File

@ -25,6 +25,12 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
#ifndef OPENSSL_NO_SEED
# define OPENSSL_NO_SEED
#endif
#ifndef OPENSSL_NO_TLSEXT
# define OPENSSL_NO_TLSEXT
#endif
#endif /* OPENSSL_DOING_MAKEDEPEND */
#ifndef OPENSSL_THREADS
@ -54,6 +60,12 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
# define NO_SEED
# endif
# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT)
# define NO_TLSEXT
# endif
#endif
/* crypto/opensslconf.h.in */
@ -63,8 +75,8 @@
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
#define ENGINESDIR "c:/Src/BOINC/SDKs/openssl-0.9.8e/lib/engines"
#define OPENSSLDIR "c:/Src/BOINC/SDKs/openssl-0.9.8e/ssl"
#define ENGINESDIR "C:/Src/SDKs/openssl-0.9.8g/lib/engines"
#define OPENSSLDIR "C:/Src/SDKs/openssl-0.9.8g/ssl"
#endif
#endif

View File

@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090805fL
#define OPENSSL_VERSION_NUMBER 0x0090807fL
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e-fips 23 Feb 2007"
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8g-fips 19 Oct 2007"
#else
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e 23 Feb 2007"
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8g 19 Oct 2007"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

View File

@ -220,19 +220,28 @@ typedef struct pem_ctx_st
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
{ \
return(((type *(*)(D2I_OF(type),char *,FILE *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read))(d2i_##asn1, str,fp,x,cb,u)); \
return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
str, fp, \
CHECKED_PPTR_OF(type, x), \
cb, u); \
}
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x) \
{ \
return(((int (*)(I2D_OF(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(type, x), \
NULL, NULL, 0, NULL, NULL); \
}
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, const type *x) \
{ \
return(((int (*)(I2D_OF_const(type),const char *,FILE *, const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(const type, x), \
NULL, NULL, 0, NULL, NULL); \
}
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
@ -240,7 +249,10 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, \
void *u) \
{ \
return(((int (*)(I2D_OF(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u)); \
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(type, x), \
enc, kstr, klen, cb, u); \
}
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
@ -248,7 +260,10 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, \
void *u) \
{ \
return(((int (*)(I2D_OF_const(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u)); \
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(const type, x), \
enc, kstr, klen, cb, u); \
}
#endif
@ -256,33 +271,48 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
{ \
return(((type *(*)(D2I_OF(type),const char *,BIO *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read_bio))(d2i_##asn1, str,bp,x,cb,u)); \
return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
str, bp, \
CHECKED_PPTR_OF(type, x), \
cb, u); \
}
#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x) \
{ \
return(((int (*)(I2D_OF(type),const char *,BIO *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(type, x), \
NULL, NULL, 0, NULL, NULL); \
}
#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, const type *x) \
{ \
return(((int (*)(I2D_OF_const(type),const char *,BIO *,const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(const type, x), \
NULL, NULL, 0, NULL, NULL); \
}
#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
return(((int (*)(I2D_OF(type),const char *,BIO *,type *,const EVP_CIPHER *,unsigned char *,int,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u)); \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(type, x), \
enc, kstr, klen, cb, u); \
}
#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
return(((int (*)(I2D_OF_const(type),const char *,BIO *,type *,const EVP_CIPHER *,unsigned char *,int,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u)); \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(const type, x), \
enc, kstr, klen, cb, u); \
}
#define IMPLEMENT_PEM_write(name, type, str, asn1) \
@ -545,13 +575,22 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char
pem_password_cb *cb, void *u);
void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
void **x, pem_password_cb *cb, void *u);
#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
((type *(*)(D2I_OF(type),const char *,BIO *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read_bio))(d2i,name,bp,x,cb,u)
((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
name, bp, \
CHECKED_PPTR_OF(type, x), \
cb, u))
int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x,
const EVP_CIPHER *enc,unsigned char *kstr,int klen,
pem_password_cb *cb, void *u);
#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
((int (*)(I2D_OF(type),const char *,BIO *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d,name,bp,x,enc,kstr,klen,cb,u)
(PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
name, bp, \
CHECKED_PTR_OF(type, x), \
enc, kstr, klen, cb, u))
STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,

View File

@ -57,7 +57,7 @@
*
*/
#include "opensslconf.h"
#include <openssl/opensslconf.h>
#include <openssl/bn.h>
/*

View File

@ -195,13 +195,27 @@ struct rsa_st
* default (ignoring RSA_FLAG_BLINDING),
* but other engines might not need it
*/
#define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA
#define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA
* implementation now uses constant time
* operations by default in private key operations,
* e.g., constant time modular exponentiation,
* modular inverse without leaking branches,
* division without leaking branches. This
* flag disables these constant time
* operations and results in faster RSA
* private key operations.
*/
#ifndef OPENSSL_NO_DEPRECATED
#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
/* new with 0.9.7h; the built-in RSA
* implementation now uses constant time
* modular exponentiation for secret exponents
* by default. This flag causes the
* faster variable sliding window method to
* be used for all exponents.
*/
#endif
#define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2

View File

@ -57,11 +57,20 @@
#include <openssl/stack.h>
typedef void (*openssl_fptr)(void);
#define openssl_fcast(f) ((openssl_fptr)f)
#ifdef DEBUG_SAFESTACK
#ifndef CHECKED_PTR_OF
#define CHECKED_PTR_OF(type, p) \
((void*) (1 ? p : (type*)0))
#endif
#define CHECKED_SK_FREE_FUNC(type, p) \
((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
#define CHECKED_SK_CMP_FUNC(type, p) \
((int (*)(const char * const *, const char * const *)) \
((1 ? p : (int (*)(const type * const *, const type * const *))0)))
#define STACK_OF(type) struct stack_st_##type
#define PREDECLARE_STACK_OF(type) STACK_OF(type);
@ -76,76 +85,71 @@ STACK_OF(type) \
/* SKM_sk_... stack macros are internal to safestack.h:
* never use them directly, use sk_<type>_... instead */
#define SKM_sk_new(type, cmp) \
((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))openssl_fcast(sk_new))(cmp)
((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
#define SKM_sk_new_null(type) \
((STACK_OF(type) * (*)(void))openssl_fcast(sk_new_null))()
((STACK_OF(type) *)sk_new_null())
#define SKM_sk_free(type, st) \
((void (*)(STACK_OF(type) *))openssl_fcast(sk_free))(st)
sk_free(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_num(type, st) \
((int (*)(const STACK_OF(type) *))openssl_fcast(sk_num))(st)
sk_num(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_value(type, st,i) \
((type * (*)(const STACK_OF(type) *, int))openssl_fcast(sk_value))(st, i)
((type *)sk_value(CHECKED_PTR_OF(STACK_OF(type), st), i))
#define SKM_sk_set(type, st,i,val) \
((type * (*)(STACK_OF(type) *, int, type *))openssl_fcast(sk_set))(st, i, val)
sk_set(CHECKED_PTR_OF(STACK_OF(type), st), i, CHECKED_PTR_OF(type, val))
#define SKM_sk_zero(type, st) \
((void (*)(STACK_OF(type) *))openssl_fcast(sk_zero))(st)
sk_zero(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_push(type, st,val) \
((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_push))(st, val)
sk_push(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
#define SKM_sk_unshift(type, st,val) \
((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_unshift))(st, val)
sk_unshift(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
#define SKM_sk_find(type, st,val) \
((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_find))(st, val)
sk_find(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
#define SKM_sk_delete(type, st,i) \
((type * (*)(STACK_OF(type) *, int))openssl_fcast(sk_delete))(st, i)
(type *)sk_delete(CHECKED_PTR_OF(STACK_OF(type), st), i)
#define SKM_sk_delete_ptr(type, st,ptr) \
((type * (*)(STACK_OF(type) *, type *))openssl_fcast(sk_delete_ptr))(st, ptr)
(type *)sk_delete_ptr(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, ptr))
#define SKM_sk_insert(type, st,val,i) \
((int (*)(STACK_OF(type) *, type *, int))openssl_fcast(sk_insert))(st, val, i)
sk_insert(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val), i)
#define SKM_sk_set_cmp_func(type, st,cmp) \
((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
(const type * const *, const type * const *))openssl_fcast(sk_set_cmp_func))\
(st, cmp)
((int (*)(const type * const *,const type * const *)) \
sk_set_cmp_func(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_CMP_FUNC(type, cmp)))
#define SKM_sk_dup(type, st) \
((STACK_OF(type) *(*)(STACK_OF(type) *))openssl_fcast(sk_dup))(st)
(STACK_OF(type) *)sk_dup(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_pop_free(type, st,free_func) \
((void (*)(STACK_OF(type) *, void (*)(type *)))openssl_fcast(sk_pop_free))\
(st, free_func)
sk_pop_free(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_FREE_FUNC(type, free_func))
#define SKM_sk_shift(type, st) \
((type * (*)(STACK_OF(type) *))openssl_fcast(sk_shift))(st)
(type *)sk_shift(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_pop(type, st) \
((type * (*)(STACK_OF(type) *))openssl_fcast(sk_pop))(st)
(type *)sk_pop(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_sort(type, st) \
((void (*)(STACK_OF(type) *))openssl_fcast(sk_sort))(st)
sk_sort(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_sk_is_sorted(type, st) \
((int (*)(const STACK_OF(type) *))openssl_fcast(sk_is_sorted))(st)
sk_is_sorted(CHECKED_PTR_OF(STACK_OF(type), st))
#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
((STACK_OF(type) * (*) (STACK_OF(type) **,const unsigned char **, long , \
type *(*)(type **, const unsigned char **,long), \
void (*)(type *), int ,int )) openssl_fcast(d2i_ASN1_SET)) \
(st,pp,length, d2i_func, free_func, ex_tag,ex_class)
(STACK_OF(type) *)d2i_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), \
pp, length, \
CHECKED_D2I_OF(type, d2i_func), \
CHECKED_SK_FREE_FUNC(type, free_func), \
ex_tag, ex_class)
#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
((int (*)(STACK_OF(type) *,unsigned char **, \
int (*)(type *,unsigned char **), int , int , int)) openssl_fcast(i2d_ASN1_SET)) \
(st,pp,i2d_func,ex_tag,ex_class,is_set)
i2d_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), pp, \
CHECKED_I2D_OF(type, i2d_func), \
ex_tag, ex_class, is_set)
#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
((unsigned char *(*)(STACK_OF(type) *, \
int (*)(type *,unsigned char **), unsigned char **,int *)) openssl_fcast(ASN1_seq_pack)) \
(st, i2d_func, buf, len)
ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
CHECKED_I2D_OF(type, i2d_func), buf, len)
#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
((STACK_OF(type) * (*)(const unsigned char *,int, \
type *(*)(type **,const unsigned char **, long), \
void (*)(type *)))openssl_fcast(ASN1_seq_unpack)) \
(buf,len,d2i_func, free_func)
(STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
((STACK_OF(type) * (*)(X509_ALGOR *, \
type *(*)(type **, const unsigned char **, long), \
void (*)(type *), \
const char *, int, \
ASN1_STRING *, int))PKCS12_decrypt_d2i) \
(algor,d2i_func,free_func,pass,passlen,oct,seq)
(STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
CHECKED_D2I_OF(type, d2i_func), \
CHECKED_SK_FREE_FUNC(type, free_func), \
pass, passlen, oct, seq)
#else

View File

@ -281,6 +281,7 @@ extern "C" {
#define SSL_TXT_RC4 "RC4"
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
#define SSL_TXT_SEED "SEED"
#define SSL_TXT_AES "AES"
#define SSL_TXT_CAMELLIA "CAMELLIA"
#define SSL_TXT_MD5 "MD5"
@ -316,11 +317,7 @@ extern "C" {
/* The following cipher list is used by default.
* It also is substituted when an application-defined cipher list string
* starts with 'DEFAULT'. */
#ifdef OPENSSL_NO_CAMELLIA
# define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
#else
# define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
#endif
#define SSL_DEFAULT_CIPHER_LIST "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
#define SSL_SENT_SHUTDOWN 1
@ -477,6 +474,13 @@ typedef struct ssl_session_st
/* These are used to make removal of session-ids more
* efficient and to implement a maximum cache size. */
struct ssl_session_st *prev,*next;
#ifndef OPENSSL_NO_TLSEXT
char *tlsext_hostname;
/* RFC4507 info */
unsigned char *tlsext_tick; /* Session ticket */
size_t tlsext_ticklen; /* Session ticket length */
long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
#endif
} SSL_SESSION;
@ -505,6 +509,8 @@ typedef struct ssl_session_st
#define SSL_OP_NO_QUERY_MTU 0x00001000L
/* Turn on Cookie Exchange (on relevant for servers) */
#define SSL_OP_COOKIE_EXCHANGE 0x00002000L
/* Don't use RFC4507 ticket extension */
#define SSL_OP_NO_TICKET 0x00004000L
/* As server, disallow session resumption on renegotiation */
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
@ -752,6 +758,17 @@ struct ssl_ctx_st
#endif
int quiet_shutdown;
#ifndef OPENSSL_NO_TLSEXT
/* TLS extensions servername callback */
int (*tlsext_servername_callback)(SSL*, int *, void *);
void *tlsext_servername_arg;
/* RFC 4507 session ticket keys */
unsigned char tlsext_tick_key_name[16];
unsigned char tlsext_tick_hmac_key[16];
unsigned char tlsext_tick_aes_key[16];
#endif
};
#define SSL_SESS_CACHE_OFF 0x0000
@ -973,6 +990,25 @@ struct ssl_st
int first_packet;
int client_version; /* what was passed, used for
* SSLv3/TLS rollback check */
#ifndef OPENSSL_NO_TLSEXT
/* TLS extension debug callback */
void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
unsigned char *data, int len,
void *arg);
void *tlsext_debug_arg;
char *tlsext_hostname;
int servername_done; /* no further mod of servername
0 : call the servername extension callback.
1 : prepare 2, allow last ack just after in server callback.
2 : don't call servername callback, no ack in server hello
*/
/* RFC4507 session ticket expected to be received or sent */
int tlsext_ticket_expected;
SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
#define session_ctx initial_ctx
#else
#define session_ctx ctx
#endif
};
#ifdef __cplusplus
@ -1118,6 +1154,9 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
@ -1176,6 +1215,17 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
#define SSL_CTRL_GET_MAX_CERT_LIST 50
#define SSL_CTRL_SET_MAX_CERT_LIST 51
/* see tls1.h for macros based on these */
#ifndef OPENSSL_NO_TLSEXT
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
#endif
#define SSL_session_reused(ssl) \
SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
#define SSL_num_renegotiations(ssl) \
@ -1448,6 +1498,7 @@ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
SSL_SESSION *SSL_get_session(const SSL *ssl);
SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx);
void SSL_set_info_callback(SSL *ssl,
void (*cb)(const SSL *ssl,int type,int val));
void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
@ -1564,6 +1615,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
#define SSL_F_DTLS1_GET_RECORD 254
#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 277
#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
#define SSL_F_DTLS1_PROCESS_RECORD 257
#define SSL_F_DTLS1_READ_BYTES 258
@ -1624,10 +1676,12 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_GET_FINISHED 140
#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
#define SSL_F_SSL3_GET_MESSAGE 142
#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
#define SSL_F_SSL3_GET_RECORD 143
#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
#define SSL_F_SSL3_GET_SERVER_DONE 145
#define SSL_F_SSL3_GET_SERVER_HELLO 146
#define SSL_F_SSL3_NEW_SESSION_TICKET 284
#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
#define SSL_F_SSL3_PEEK 235
#define SSL_F_SSL3_READ_BYTES 148
@ -1643,8 +1697,10 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
#define SSL_F_SSL3_WRITE_BYTES 158
#define SSL_F_SSL3_WRITE_PENDING 159
#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 272
#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 273
#define SSL_F_SSL_BAD_METHOD 160
#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
#define SSL_F_SSL_CERT_DUP 221
@ -1652,6 +1708,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_CERT_INSTANTIATE 214
#define SSL_F_SSL_CERT_NEW 162
#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 274
#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
#define SSL_F_SSL_CLEAR 164
@ -1684,6 +1741,8 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
#define SSL_F_SSL_NEW 186
#define SSL_F_SSL_PEEK 270
#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 275
#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 276
#define SSL_F_SSL_READ 223
#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
@ -1766,6 +1825,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
#define SSL_R_CLIENTHELLO_TLSEXT 157
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
#define SSL_R_COMPRESSION_FAILURE 141
#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
@ -1793,6 +1853,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_PURPOSE 278
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 275
#define SSL_R_INVALID_TRUST 279
#define SSL_R_KEY_ARG_TOO_LONG 284
#define SSL_R_KRB5 285
@ -1850,6 +1911,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
#define SSL_R_PARSE_TLSEXT 223
#define SSL_R_PATH_TOO_LONG 270
#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
#define SSL_R_PEER_ERROR 200
@ -1873,11 +1935,14 @@ void ERR_load_SSL_strings(void);
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
#define SSL_R_SERVERHELLO_TLSEXT 224
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
#define SSL_R_SHORT_READ 219
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 225
#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 226
#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
@ -1912,6 +1977,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 227
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235

View File

@ -481,6 +481,8 @@ typedef struct ssl3_state_st
#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
/* server */
/* extra state */
@ -522,10 +524,13 @@ typedef struct ssl3_state_st
#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
#define SSL3_MT_HELLO_REQUEST 0
#define SSL3_MT_CLIENT_HELLO 1
#define SSL3_MT_SERVER_HELLO 2
#define SSL3_MT_NEWSESSION_TICKET 4
#define SSL3_MT_CERTIFICATE 11
#define SSL3_MT_SERVER_KEY_EXCHANGE 12
#define SSL3_MT_CERTIFICATE_REQUEST 13

View File

@ -96,6 +96,60 @@ extern "C" {
#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
#define TLS1_AD_USER_CANCELLED 90
#define TLS1_AD_NO_RENEGOTIATION 100
/* codes 110-114 are from RFC3546 */
#define TLS1_AD_UNSUPPORTED_EXTENSION 110
#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
#define TLS1_AD_UNRECOGNIZED_NAME 112
#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
/* ExtensionType values from RFC 3546 */
#define TLSEXT_TYPE_server_name 0
#define TLSEXT_TYPE_max_fragment_length 1
#define TLSEXT_TYPE_client_certificate_url 2
#define TLSEXT_TYPE_trusted_ca_keys 3
#define TLSEXT_TYPE_truncated_hmac 4
#define TLSEXT_TYPE_status_request 5
#define TLSEXT_TYPE_elliptic_curves 10
#define TLSEXT_TYPE_ec_point_formats 11
#define TLSEXT_TYPE_session_ticket 35
/* NameType value from RFC 3546 */
#define TLSEXT_NAMETYPE_host_name 0
#ifndef OPENSSL_NO_TLSEXT
#define TLSEXT_MAXLEN_host_name 255
const char *SSL_get_servername(const SSL *s, const int type) ;
int SSL_get_servername_type(const SSL *s) ;
#define SSL_set_tlsext_host_name(s,name) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
#define SSL_set_tlsext_debug_callback(ssl, cb) \
SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
#define SSL_set_tlsext_debug_arg(ssl, arg) \
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
#define SSL_TLSEXT_ERR_OK 0
#define SSL_TLSEXT_ERR_ALERT_WARNING 1
#define SSL_TLSEXT_ERR_ALERT_FATAL 2
#define SSL_TLSEXT_ERR_NOACK 3
#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLXEXT_TICKET_KEYS,(keylen),(keys))
#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLXEXT_TICKET_KEYS,(keylen),(keys))
#endif
/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
* (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
@ -140,6 +194,14 @@ extern "C" {
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
/* SEED ciphersuites from RFC4162 */
#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
@ -232,7 +294,7 @@ extern "C" {
#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
/* Camellia ciphersuites form RFC4132 */
/* Camellia ciphersuites from RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
@ -247,6 +309,13 @@ extern "C" {
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
/* SEED ciphersuites from RFC4162 */
#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2