mirror of https://github.com/BOINC/boinc.git
- client: Update client libraries and add debug libraries.
zlib 1.2.3 OpenSSL 0.9.8g LibCurl 7.17.1 curl/ <Many Files> openssl/ <Many Files> zlib/ <Many Files> svn path=/trunk/boinc/; revision=14359
This commit is contained in:
parent
4e5f3b4c18
commit
f10786c135
|
@ -12117,3 +12117,16 @@ Charlie 4 Dec 2007
|
|||
lib/
|
||||
mac/
|
||||
QCrashReport.c
|
||||
|
||||
Rom 5 Dec 2007
|
||||
- client: Update client libraries and add debug libraries.
|
||||
zlib 1.2.3
|
||||
OpenSSL 0.9.8g
|
||||
LibCurl 7.17.1
|
||||
|
||||
curl/
|
||||
<Many Files>
|
||||
openssl/
|
||||
<Many Files>
|
||||
zlib/
|
||||
<Many Files>
|
||||
|
|
|
@ -322,6 +322,17 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
|
|||
#define I2D_OF(type) int (*)(type *,unsigned char **)
|
||||
#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
|
||||
|
||||
#define CHECKED_D2I_OF(type, d2i) \
|
||||
((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
|
||||
#define CHECKED_I2D_OF(type, i2d) \
|
||||
((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
|
||||
#define CHECKED_NEW_OF(type, xnew) \
|
||||
((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
|
||||
#define CHECKED_PTR_OF(type, p) \
|
||||
((void*) (1 ? p : (type*)0))
|
||||
#define CHECKED_PPTR_OF(type, p) \
|
||||
((void**) (1 ? p : (type**)0))
|
||||
|
||||
#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
|
||||
#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
|
||||
#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
|
||||
|
@ -902,23 +913,41 @@ int ASN1_object_size(int constructed, int length, int tag);
|
|||
|
||||
/* Used to implement other functions */
|
||||
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
|
||||
|
||||
#define ASN1_dup_of(type,i2d,d2i,x) \
|
||||
((type *(*)(I2D_OF(type),D2I_OF(type),type *))openssl_fcast(ASN1_dup))(i2d,d2i,x)
|
||||
((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
|
||||
CHECKED_D2I_OF(type, d2i), \
|
||||
CHECKED_PTR_OF(type, x)))
|
||||
|
||||
#define ASN1_dup_of_const(type,i2d,d2i,x) \
|
||||
((type *(*)(I2D_OF_const(type),D2I_OF(type),type *))openssl_fcast(ASN1_dup))(i2d,d2i,x)
|
||||
((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
|
||||
CHECKED_D2I_OF(type, d2i), \
|
||||
CHECKED_PTR_OF(const type, x)))
|
||||
|
||||
void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
|
||||
|
||||
#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
|
||||
((type *(*)(type *(*)(void),D2I_OF(type),FILE *,type **))openssl_fcast(ASN1_d2i_fp))(xnew,d2i,in,x)
|
||||
((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
|
||||
CHECKED_D2I_OF(type, d2i), \
|
||||
in, \
|
||||
CHECKED_PPTR_OF(type, x)))
|
||||
|
||||
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
|
||||
int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x);
|
||||
|
||||
#define ASN1_i2d_fp_of(type,i2d,out,x) \
|
||||
((int (*)(I2D_OF(type),FILE *,type *))openssl_fcast(ASN1_i2d_fp))(i2d,out,x)
|
||||
(ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
|
||||
out, \
|
||||
CHECKED_PTR_OF(type, x)))
|
||||
|
||||
#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
|
||||
((int (*)(I2D_OF_const(type),FILE *,type *))openssl_fcast(ASN1_i2d_fp))(i2d,out,x)
|
||||
(ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
|
||||
out, \
|
||||
CHECKED_PTR_OF(const type, x)))
|
||||
|
||||
int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
|
||||
int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
|
||||
#endif
|
||||
|
@ -927,14 +956,26 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
|
|||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
|
||||
|
||||
#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
|
||||
((type *(*)(type *(*)(void),D2I_OF(type),BIO *,type **))openssl_fcast(ASN1_d2i_bio))(xnew,d2i,in,x)
|
||||
((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
|
||||
CHECKED_D2I_OF(type, d2i), \
|
||||
in, \
|
||||
CHECKED_PPTR_OF(type, x)))
|
||||
|
||||
void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
|
||||
int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
|
||||
|
||||
#define ASN1_i2d_bio_of(type,i2d,out,x) \
|
||||
((int (*)(I2D_OF(type),BIO *,type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x)
|
||||
(ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
|
||||
out, \
|
||||
CHECKED_PTR_OF(type, x)))
|
||||
|
||||
#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
|
||||
((int (*)(I2D_OF_const(type),BIO *,const type *))openssl_fcast(ASN1_i2d_bio))(i2d,out,x)
|
||||
(ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
|
||||
out, \
|
||||
CHECKED_PTR_OF(const type, x)))
|
||||
|
||||
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
|
||||
int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
|
||||
int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
|
||||
|
@ -977,8 +1018,12 @@ void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
|
|||
void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
|
||||
ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
|
||||
ASN1_OCTET_STRING **oct);
|
||||
|
||||
#define ASN1_pack_string_of(type,obj,i2d,oct) \
|
||||
((ASN1_STRING *(*)(type *,I2D_OF(type),ASN1_OCTET_STRING **))openssl_fcast(ASN1_pack_string))(obj,i2d,oct)
|
||||
(ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
|
||||
CHECKED_I2D_OF(type, i2d), \
|
||||
oct))
|
||||
|
||||
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
|
||||
|
||||
void ASN1_STRING_set_default_mask(unsigned long mask);
|
||||
|
|
|
@ -129,8 +129,8 @@ extern "C" {
|
|||
/* dgram BIO stuff */
|
||||
#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */
|
||||
#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally
|
||||
* connected socket to be
|
||||
* passed in */
|
||||
* connected socket to be
|
||||
* passed in */
|
||||
#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
|
||||
#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
|
||||
#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
|
||||
|
@ -146,14 +146,14 @@ extern "C" {
|
|||
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
|
||||
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
|
||||
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
|
||||
* MTU. want to use this
|
||||
* if asking the kernel
|
||||
* fails */
|
||||
* MTU. want to use this
|
||||
* if asking the kernel
|
||||
* fails */
|
||||
|
||||
#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU
|
||||
* was exceed in the
|
||||
* previous write
|
||||
* operation */
|
||||
* was exceed in the
|
||||
* previous write
|
||||
* operation */
|
||||
|
||||
#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */
|
||||
|
||||
|
|
|
@ -245,8 +245,18 @@ extern "C" {
|
|||
|
||||
#define BN_FLG_MALLOCED 0x01
|
||||
#define BN_FLG_STATIC_DATA 0x02
|
||||
#define BN_FLG_EXP_CONSTTIME 0x04 /* avoid leaking exponent information through timings
|
||||
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
|
||||
#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing,
|
||||
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
|
||||
* BN_div() will call BN_div_no_branch,
|
||||
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
|
||||
*/
|
||||
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
|
||||
/* avoid leaking exponent information through timings
|
||||
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
#define BN_FLG_FREE 0x8000 /* used for debuging */
|
||||
#endif
|
||||
|
@ -534,7 +544,7 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
|
|||
#define BN_BLINDING_NO_UPDATE 0x00000001
|
||||
#define BN_BLINDING_NO_RECREATE 0x00000002
|
||||
|
||||
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
|
||||
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod);
|
||||
void BN_BLINDING_free(BN_BLINDING *b);
|
||||
int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
|
||||
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||
|
@ -546,7 +556,7 @@ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
|
|||
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
|
||||
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
|
||||
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
|
||||
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
|
||||
const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
|
||||
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
|
||||
BN_MONT_CTX *m_ctx);
|
||||
|
@ -775,6 +785,7 @@ void ERR_load_BN_strings(void);
|
|||
#define BN_F_BN_CTX_NEW 106
|
||||
#define BN_F_BN_CTX_START 129
|
||||
#define BN_F_BN_DIV 107
|
||||
#define BN_F_BN_DIV_NO_BRANCH 138
|
||||
#define BN_F_BN_DIV_RECP 130
|
||||
#define BN_F_BN_EXP 123
|
||||
#define BN_F_BN_EXPAND2 108
|
||||
|
@ -793,6 +804,7 @@ void ERR_load_BN_strings(void);
|
|||
#define BN_F_BN_MOD_EXP_RECP 125
|
||||
#define BN_F_BN_MOD_EXP_SIMPLE 126
|
||||
#define BN_F_BN_MOD_INVERSE 110
|
||||
#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
|
||||
#define BN_F_BN_MOD_LSHIFT_QUICK 119
|
||||
#define BN_F_BN_MOD_MUL_RECIPROCAL 111
|
||||
#define BN_F_BN_MOD_SQRT 121
|
||||
|
|
|
@ -114,6 +114,7 @@ typedef void conf_finish_func(CONF_IMODULE *md);
|
|||
#define CONF_MFLAGS_SILENT 0x4
|
||||
#define CONF_MFLAGS_NO_DSO 0x8
|
||||
#define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
|
||||
#define CONF_MFLAGS_DEFAULT_SECTION 0x20
|
||||
|
||||
int CONF_set_default_method(CONF_METHOD *meth);
|
||||
void CONF_set_nconf(CONF *conf,LHASH *hash);
|
||||
|
|
|
@ -67,9 +67,8 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define DTLS1_VERSION 0x0100
|
||||
#define DTLS1_VERSION_MAJOR 0x01
|
||||
#define DTLS1_VERSION_MINOR 0x00
|
||||
#define DTLS1_VERSION 0xFEFF
|
||||
#define DTLS1_BAD_VER 0x0100
|
||||
|
||||
#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
|
||||
|
||||
|
@ -83,7 +82,7 @@ extern "C" {
|
|||
#define DTLS1_HM_BAD_FRAGMENT -2
|
||||
#define DTLS1_HM_FRAGMENT_RETRY -3
|
||||
|
||||
#define DTLS1_CCS_HEADER_LENGTH 3
|
||||
#define DTLS1_CCS_HEADER_LENGTH 1
|
||||
|
||||
#define DTLS1_AL_HEADER_LENGTH 7
|
||||
|
||||
|
|
|
@ -471,6 +471,7 @@ void ERR_load_EC_strings(void);
|
|||
#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
|
||||
#define EC_F_EC_POINT_SET_TO_INFINITY 127
|
||||
#define EC_F_EC_PRE_COMP_DUP 207
|
||||
#define EC_F_EC_PRE_COMP_NEW 196
|
||||
#define EC_F_EC_WNAF_MUL 187
|
||||
#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
|
||||
#define EC_F_I2D_ECPARAMETERS 190
|
||||
|
|
|
@ -766,6 +766,14 @@ const EVP_CIPHER *EVP_camellia_256_cfb128(void);
|
|||
const EVP_CIPHER *EVP_camellia_256_ofb(void);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SEED
|
||||
const EVP_CIPHER *EVP_seed_ecb(void);
|
||||
const EVP_CIPHER *EVP_seed_cbc(void);
|
||||
const EVP_CIPHER *EVP_seed_cfb128(void);
|
||||
# define EVP_seed_cfb EVP_seed_cfb128
|
||||
const EVP_CIPHER *EVP_seed_ofb(void);
|
||||
#endif
|
||||
|
||||
void OPENSSL_add_all_algorithms_noconf(void);
|
||||
void OPENSSL_add_all_algorithms_conf(void);
|
||||
|
||||
|
@ -963,6 +971,7 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_UNSUPPORTED_SALT_TYPE 126
|
||||
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
|
||||
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
|
||||
#define EVP_R_SEED_KEY_SETUP_FAILED 162
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -3406,3 +3406,28 @@
|
|||
#define LN_camellia_256_cfb8 "camellia-256-cfb8"
|
||||
#define NID_camellia_256_cfb8 765
|
||||
|
||||
#define SN_kisa "KISA"
|
||||
#define LN_kisa "kisa"
|
||||
#define NID_kisa 773
|
||||
#define OBJ_kisa OBJ_member_body,410L,200004L
|
||||
|
||||
#define SN_seed_ecb "SEED-ECB"
|
||||
#define LN_seed_ecb "seed-ecb"
|
||||
#define NID_seed_ecb 776
|
||||
#define OBJ_seed_ecb OBJ_kisa,1L,3L
|
||||
|
||||
#define SN_seed_cbc "SEED-CBC"
|
||||
#define LN_seed_cbc "seed-cbc"
|
||||
#define NID_seed_cbc 777
|
||||
#define OBJ_seed_cbc OBJ_kisa,1L,4L
|
||||
|
||||
#define SN_seed_cfb128 "SEED-CFB"
|
||||
#define LN_seed_cfb128 "seed-cfb"
|
||||
#define NID_seed_cfb128 779
|
||||
#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
|
||||
|
||||
#define SN_seed_ofb128 "SEED-OFB"
|
||||
#define LN_seed_ofb128 "seed-ofb"
|
||||
#define NID_seed_ofb128 778
|
||||
#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
|
||||
|
||||
|
|
|
@ -469,7 +469,7 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
|
|||
ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
|
||||
void *data, STACK_OF(ASN1_OBJECT) *sk);
|
||||
#define ASN1_STRING_encode_of(type,s,i2d,data,sk) \
|
||||
((ASN1_STRING *(*)(ASN1_STRING *,I2D_OF(type),type *,STACK_OF(ASN1_OBJECT) *))openssl_fcast(ASN1_STRING_encode))(s,i2d,data,sk)
|
||||
ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk)
|
||||
|
||||
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
|
||||
|
||||
|
|
|
@ -25,6 +25,12 @@
|
|||
#ifndef OPENSSL_NO_RFC3779
|
||||
# define OPENSSL_NO_RFC3779
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SEED
|
||||
# define OPENSSL_NO_SEED
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
# define OPENSSL_NO_TLSEXT
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||
#ifndef OPENSSL_THREADS
|
||||
|
@ -54,6 +60,12 @@
|
|||
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||
# define NO_RFC3779
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
|
||||
# define NO_SEED
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT)
|
||||
# define NO_TLSEXT
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* crypto/opensslconf.h.in */
|
||||
|
@ -63,8 +75,8 @@
|
|||
|
||||
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||
#define ENGINESDIR "c:/Src/BOINC/SDKs/openssl-0.9.8e/lib/engines"
|
||||
#define OPENSSLDIR "c:/Src/BOINC/SDKs/openssl-0.9.8e/ssl"
|
||||
#define ENGINESDIR "C:/Src/SDKs/openssl-0.9.8g/lib/engines"
|
||||
#define OPENSSLDIR "C:/Src/SDKs/openssl-0.9.8g/ssl"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
|
|
@ -25,11 +25,11 @@
|
|||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090805fL
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090807fL
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e-fips 23 Feb 2007"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8g-fips 19 Oct 2007"
|
||||
#else
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e 23 Feb 2007"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8g 19 Oct 2007"
|
||||
#endif
|
||||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
|
|
@ -220,19 +220,28 @@ typedef struct pem_ctx_st
|
|||
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
|
||||
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
|
||||
{ \
|
||||
return(((type *(*)(D2I_OF(type),char *,FILE *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read))(d2i_##asn1, str,fp,x,cb,u)); \
|
||||
return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PPTR_OF(type, x), \
|
||||
cb, u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
|
||||
int PEM_write_##name(FILE *fp, type *x) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
|
||||
int PEM_write_##name(FILE *fp, const type *x) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF_const(type),const char *,FILE *, const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL)); \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
|
||||
|
@ -240,7 +249,10 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
|||
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||
void *u) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u)); \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
|
||||
|
@ -248,7 +260,10 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
|||
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||
void *u) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF_const(type),const char *,FILE *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write))(i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u)); \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
}
|
||||
|
||||
#endif
|
||||
|
@ -256,33 +271,48 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
|||
#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
||||
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
|
||||
{ \
|
||||
return(((type *(*)(D2I_OF(type),const char *,BIO *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read_bio))(d2i_##asn1, str,bp,x,cb,u)); \
|
||||
return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PPTR_OF(type, x), \
|
||||
cb, u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, type *x) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF(type),const char *,BIO *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, const type *x) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF_const(type),const char *,BIO *,const type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL)); \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF(type),const char *,BIO *,type *,const EVP_CIPHER *,unsigned char *,int,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u)); \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||
{ \
|
||||
return(((int (*)(I2D_OF_const(type),const char *,BIO *,type *,const EVP_CIPHER *,unsigned char *,int,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u)); \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write(name, type, str, asn1) \
|
||||
|
@ -545,13 +575,22 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char
|
|||
pem_password_cb *cb, void *u);
|
||||
void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
|
||||
void **x, pem_password_cb *cb, void *u);
|
||||
|
||||
#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
|
||||
((type *(*)(D2I_OF(type),const char *,BIO *,type **,pem_password_cb *,void *))openssl_fcast(PEM_ASN1_read_bio))(d2i,name,bp,x,cb,u)
|
||||
((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
|
||||
name, bp, \
|
||||
CHECKED_PPTR_OF(type, x), \
|
||||
cb, u))
|
||||
|
||||
int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x,
|
||||
const EVP_CIPHER *enc,unsigned char *kstr,int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
|
||||
#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
|
||||
((int (*)(I2D_OF(type),const char *,BIO *,type *, const EVP_CIPHER *,unsigned char *,int, pem_password_cb *,void *))openssl_fcast(PEM_ASN1_write_bio))(i2d,name,bp,x,enc,kstr,klen,cb,u)
|
||||
(PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
|
||||
name, bp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
enc, kstr, klen, cb, u))
|
||||
|
||||
STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
|
||||
int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#include "opensslconf.h"
|
||||
#include <openssl/opensslconf.h>
|
||||
#include <openssl/bn.h>
|
||||
|
||||
/*
|
||||
|
|
|
@ -195,13 +195,27 @@ struct rsa_st
|
|||
* default (ignoring RSA_FLAG_BLINDING),
|
||||
* but other engines might not need it
|
||||
*/
|
||||
#define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA
|
||||
#define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA
|
||||
* implementation now uses constant time
|
||||
* operations by default in private key operations,
|
||||
* e.g., constant time modular exponentiation,
|
||||
* modular inverse without leaking branches,
|
||||
* division without leaking branches. This
|
||||
* flag disables these constant time
|
||||
* operations and results in faster RSA
|
||||
* private key operations.
|
||||
*/
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
|
||||
/* new with 0.9.7h; the built-in RSA
|
||||
* implementation now uses constant time
|
||||
* modular exponentiation for secret exponents
|
||||
* by default. This flag causes the
|
||||
* faster variable sliding window method to
|
||||
* be used for all exponents.
|
||||
*/
|
||||
#endif
|
||||
|
||||
|
||||
#define RSA_PKCS1_PADDING 1
|
||||
#define RSA_SSLV23_PADDING 2
|
||||
|
|
|
@ -57,11 +57,20 @@
|
|||
|
||||
#include <openssl/stack.h>
|
||||
|
||||
typedef void (*openssl_fptr)(void);
|
||||
#define openssl_fcast(f) ((openssl_fptr)f)
|
||||
|
||||
#ifdef DEBUG_SAFESTACK
|
||||
|
||||
#ifndef CHECKED_PTR_OF
|
||||
#define CHECKED_PTR_OF(type, p) \
|
||||
((void*) (1 ? p : (type*)0))
|
||||
#endif
|
||||
|
||||
#define CHECKED_SK_FREE_FUNC(type, p) \
|
||||
((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
|
||||
|
||||
#define CHECKED_SK_CMP_FUNC(type, p) \
|
||||
((int (*)(const char * const *, const char * const *)) \
|
||||
((1 ? p : (int (*)(const type * const *, const type * const *))0)))
|
||||
|
||||
#define STACK_OF(type) struct stack_st_##type
|
||||
#define PREDECLARE_STACK_OF(type) STACK_OF(type);
|
||||
|
||||
|
@ -76,76 +85,71 @@ STACK_OF(type) \
|
|||
/* SKM_sk_... stack macros are internal to safestack.h:
|
||||
* never use them directly, use sk_<type>_... instead */
|
||||
#define SKM_sk_new(type, cmp) \
|
||||
((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))openssl_fcast(sk_new))(cmp)
|
||||
((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
|
||||
#define SKM_sk_new_null(type) \
|
||||
((STACK_OF(type) * (*)(void))openssl_fcast(sk_new_null))()
|
||||
((STACK_OF(type) *)sk_new_null())
|
||||
#define SKM_sk_free(type, st) \
|
||||
((void (*)(STACK_OF(type) *))openssl_fcast(sk_free))(st)
|
||||
sk_free(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_num(type, st) \
|
||||
((int (*)(const STACK_OF(type) *))openssl_fcast(sk_num))(st)
|
||||
sk_num(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_value(type, st,i) \
|
||||
((type * (*)(const STACK_OF(type) *, int))openssl_fcast(sk_value))(st, i)
|
||||
((type *)sk_value(CHECKED_PTR_OF(STACK_OF(type), st), i))
|
||||
#define SKM_sk_set(type, st,i,val) \
|
||||
((type * (*)(STACK_OF(type) *, int, type *))openssl_fcast(sk_set))(st, i, val)
|
||||
sk_set(CHECKED_PTR_OF(STACK_OF(type), st), i, CHECKED_PTR_OF(type, val))
|
||||
#define SKM_sk_zero(type, st) \
|
||||
((void (*)(STACK_OF(type) *))openssl_fcast(sk_zero))(st)
|
||||
sk_zero(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_push(type, st,val) \
|
||||
((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_push))(st, val)
|
||||
sk_push(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
|
||||
#define SKM_sk_unshift(type, st,val) \
|
||||
((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_unshift))(st, val)
|
||||
sk_unshift(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
|
||||
#define SKM_sk_find(type, st,val) \
|
||||
((int (*)(STACK_OF(type) *, type *))openssl_fcast(sk_find))(st, val)
|
||||
sk_find(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val))
|
||||
#define SKM_sk_delete(type, st,i) \
|
||||
((type * (*)(STACK_OF(type) *, int))openssl_fcast(sk_delete))(st, i)
|
||||
(type *)sk_delete(CHECKED_PTR_OF(STACK_OF(type), st), i)
|
||||
#define SKM_sk_delete_ptr(type, st,ptr) \
|
||||
((type * (*)(STACK_OF(type) *, type *))openssl_fcast(sk_delete_ptr))(st, ptr)
|
||||
(type *)sk_delete_ptr(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, ptr))
|
||||
#define SKM_sk_insert(type, st,val,i) \
|
||||
((int (*)(STACK_OF(type) *, type *, int))openssl_fcast(sk_insert))(st, val, i)
|
||||
sk_insert(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_PTR_OF(type, val), i)
|
||||
#define SKM_sk_set_cmp_func(type, st,cmp) \
|
||||
((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
|
||||
(const type * const *, const type * const *))openssl_fcast(sk_set_cmp_func))\
|
||||
(st, cmp)
|
||||
((int (*)(const type * const *,const type * const *)) \
|
||||
sk_set_cmp_func(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_CMP_FUNC(type, cmp)))
|
||||
#define SKM_sk_dup(type, st) \
|
||||
((STACK_OF(type) *(*)(STACK_OF(type) *))openssl_fcast(sk_dup))(st)
|
||||
(STACK_OF(type) *)sk_dup(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_pop_free(type, st,free_func) \
|
||||
((void (*)(STACK_OF(type) *, void (*)(type *)))openssl_fcast(sk_pop_free))\
|
||||
(st, free_func)
|
||||
sk_pop_free(CHECKED_PTR_OF(STACK_OF(type), st), CHECKED_SK_FREE_FUNC(type, free_func))
|
||||
#define SKM_sk_shift(type, st) \
|
||||
((type * (*)(STACK_OF(type) *))openssl_fcast(sk_shift))(st)
|
||||
(type *)sk_shift(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_pop(type, st) \
|
||||
((type * (*)(STACK_OF(type) *))openssl_fcast(sk_pop))(st)
|
||||
(type *)sk_pop(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_sort(type, st) \
|
||||
((void (*)(STACK_OF(type) *))openssl_fcast(sk_sort))(st)
|
||||
sk_sort(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
#define SKM_sk_is_sorted(type, st) \
|
||||
((int (*)(const STACK_OF(type) *))openssl_fcast(sk_is_sorted))(st)
|
||||
sk_is_sorted(CHECKED_PTR_OF(STACK_OF(type), st))
|
||||
|
||||
#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
|
||||
((STACK_OF(type) * (*) (STACK_OF(type) **,const unsigned char **, long , \
|
||||
type *(*)(type **, const unsigned char **,long), \
|
||||
void (*)(type *), int ,int )) openssl_fcast(d2i_ASN1_SET)) \
|
||||
(st,pp,length, d2i_func, free_func, ex_tag,ex_class)
|
||||
(STACK_OF(type) *)d2i_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), \
|
||||
pp, length, \
|
||||
CHECKED_D2I_OF(type, d2i_func), \
|
||||
CHECKED_SK_FREE_FUNC(type, free_func), \
|
||||
ex_tag, ex_class)
|
||||
|
||||
#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
|
||||
((int (*)(STACK_OF(type) *,unsigned char **, \
|
||||
int (*)(type *,unsigned char **), int , int , int)) openssl_fcast(i2d_ASN1_SET)) \
|
||||
(st,pp,i2d_func,ex_tag,ex_class,is_set)
|
||||
i2d_ASN1_SET(CHECKED_PTR_OF(STACK_OF(type), st), pp, \
|
||||
CHECKED_I2D_OF(type, i2d_func), \
|
||||
ex_tag, ex_class, is_set)
|
||||
|
||||
#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
|
||||
((unsigned char *(*)(STACK_OF(type) *, \
|
||||
int (*)(type *,unsigned char **), unsigned char **,int *)) openssl_fcast(ASN1_seq_pack)) \
|
||||
(st, i2d_func, buf, len)
|
||||
ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
|
||||
CHECKED_I2D_OF(type, i2d_func), buf, len)
|
||||
|
||||
#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
|
||||
((STACK_OF(type) * (*)(const unsigned char *,int, \
|
||||
type *(*)(type **,const unsigned char **, long), \
|
||||
void (*)(type *)))openssl_fcast(ASN1_seq_unpack)) \
|
||||
(buf,len,d2i_func, free_func)
|
||||
(STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
|
||||
|
||||
#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
|
||||
((STACK_OF(type) * (*)(X509_ALGOR *, \
|
||||
type *(*)(type **, const unsigned char **, long), \
|
||||
void (*)(type *), \
|
||||
const char *, int, \
|
||||
ASN1_STRING *, int))PKCS12_decrypt_d2i) \
|
||||
(algor,d2i_func,free_func,pass,passlen,oct,seq)
|
||||
(STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
|
||||
CHECKED_D2I_OF(type, d2i_func), \
|
||||
CHECKED_SK_FREE_FUNC(type, free_func), \
|
||||
pass, passlen, oct, seq)
|
||||
|
||||
#else
|
||||
|
||||
|
|
|
@ -281,6 +281,7 @@ extern "C" {
|
|||
#define SSL_TXT_RC4 "RC4"
|
||||
#define SSL_TXT_RC2 "RC2"
|
||||
#define SSL_TXT_IDEA "IDEA"
|
||||
#define SSL_TXT_SEED "SEED"
|
||||
#define SSL_TXT_AES "AES"
|
||||
#define SSL_TXT_CAMELLIA "CAMELLIA"
|
||||
#define SSL_TXT_MD5 "MD5"
|
||||
|
@ -316,11 +317,7 @@ extern "C" {
|
|||
/* The following cipher list is used by default.
|
||||
* It also is substituted when an application-defined cipher list string
|
||||
* starts with 'DEFAULT'. */
|
||||
#ifdef OPENSSL_NO_CAMELLIA
|
||||
# define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
|
||||
#else
|
||||
# define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
|
||||
#endif
|
||||
#define SSL_DEFAULT_CIPHER_LIST "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */
|
||||
|
||||
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
|
||||
#define SSL_SENT_SHUTDOWN 1
|
||||
|
@ -477,6 +474,13 @@ typedef struct ssl_session_st
|
|||
/* These are used to make removal of session-ids more
|
||||
* efficient and to implement a maximum cache size. */
|
||||
struct ssl_session_st *prev,*next;
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
char *tlsext_hostname;
|
||||
/* RFC4507 info */
|
||||
unsigned char *tlsext_tick; /* Session ticket */
|
||||
size_t tlsext_ticklen; /* Session ticket length */
|
||||
long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
|
||||
#endif
|
||||
} SSL_SESSION;
|
||||
|
||||
|
||||
|
@ -505,6 +509,8 @@ typedef struct ssl_session_st
|
|||
#define SSL_OP_NO_QUERY_MTU 0x00001000L
|
||||
/* Turn on Cookie Exchange (on relevant for servers) */
|
||||
#define SSL_OP_COOKIE_EXCHANGE 0x00002000L
|
||||
/* Don't use RFC4507 ticket extension */
|
||||
#define SSL_OP_NO_TICKET 0x00004000L
|
||||
|
||||
/* As server, disallow session resumption on renegotiation */
|
||||
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
|
||||
|
@ -752,6 +758,17 @@ struct ssl_ctx_st
|
|||
#endif
|
||||
|
||||
int quiet_shutdown;
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
/* TLS extensions servername callback */
|
||||
int (*tlsext_servername_callback)(SSL*, int *, void *);
|
||||
void *tlsext_servername_arg;
|
||||
/* RFC 4507 session ticket keys */
|
||||
unsigned char tlsext_tick_key_name[16];
|
||||
unsigned char tlsext_tick_hmac_key[16];
|
||||
unsigned char tlsext_tick_aes_key[16];
|
||||
#endif
|
||||
|
||||
};
|
||||
|
||||
#define SSL_SESS_CACHE_OFF 0x0000
|
||||
|
@ -973,6 +990,25 @@ struct ssl_st
|
|||
int first_packet;
|
||||
int client_version; /* what was passed, used for
|
||||
* SSLv3/TLS rollback check */
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
/* TLS extension debug callback */
|
||||
void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
|
||||
unsigned char *data, int len,
|
||||
void *arg);
|
||||
void *tlsext_debug_arg;
|
||||
char *tlsext_hostname;
|
||||
int servername_done; /* no further mod of servername
|
||||
0 : call the servername extension callback.
|
||||
1 : prepare 2, allow last ack just after in server callback.
|
||||
2 : don't call servername callback, no ack in server hello
|
||||
*/
|
||||
/* RFC4507 session ticket expected to be received or sent */
|
||||
int tlsext_ticket_expected;
|
||||
SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
|
||||
#define session_ctx initial_ctx
|
||||
#else
|
||||
#define session_ctx ctx
|
||||
#endif
|
||||
};
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
@ -1118,6 +1154,9 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
|
|||
#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
|
||||
#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
|
||||
#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
|
||||
#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
|
||||
#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
|
||||
#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
|
||||
|
||||
#define SSL_ERROR_NONE 0
|
||||
#define SSL_ERROR_SSL 1
|
||||
|
@ -1176,6 +1215,17 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
|
|||
#define SSL_CTRL_GET_MAX_CERT_LIST 50
|
||||
#define SSL_CTRL_SET_MAX_CERT_LIST 51
|
||||
|
||||
/* see tls1.h for macros based on these */
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
|
||||
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
|
||||
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
||||
#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
|
||||
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
|
||||
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
|
||||
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
|
||||
#endif
|
||||
|
||||
#define SSL_session_reused(ssl) \
|
||||
SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
|
||||
#define SSL_num_renegotiations(ssl) \
|
||||
|
@ -1448,6 +1498,7 @@ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
|
|||
SSL_SESSION *SSL_get_session(const SSL *ssl);
|
||||
SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
|
||||
SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
|
||||
SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx);
|
||||
void SSL_set_info_callback(SSL *ssl,
|
||||
void (*cb)(const SSL *ssl,int type,int val));
|
||||
void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
|
||||
|
@ -1564,6 +1615,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
|
||||
#define SSL_F_DTLS1_GET_RECORD 254
|
||||
#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
|
||||
#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 277
|
||||
#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
|
||||
#define SSL_F_DTLS1_PROCESS_RECORD 257
|
||||
#define SSL_F_DTLS1_READ_BYTES 258
|
||||
|
@ -1624,10 +1676,12 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL3_GET_FINISHED 140
|
||||
#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
|
||||
#define SSL_F_SSL3_GET_MESSAGE 142
|
||||
#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
|
||||
#define SSL_F_SSL3_GET_RECORD 143
|
||||
#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
|
||||
#define SSL_F_SSL3_GET_SERVER_DONE 145
|
||||
#define SSL_F_SSL3_GET_SERVER_HELLO 146
|
||||
#define SSL_F_SSL3_NEW_SESSION_TICKET 284
|
||||
#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
|
||||
#define SSL_F_SSL3_PEEK 235
|
||||
#define SSL_F_SSL3_READ_BYTES 148
|
||||
|
@ -1643,8 +1697,10 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
|
||||
#define SSL_F_SSL3_WRITE_BYTES 158
|
||||
#define SSL_F_SSL3_WRITE_PENDING 159
|
||||
#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 272
|
||||
#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
|
||||
#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
|
||||
#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 273
|
||||
#define SSL_F_SSL_BAD_METHOD 160
|
||||
#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
|
||||
#define SSL_F_SSL_CERT_DUP 221
|
||||
|
@ -1652,6 +1708,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL_CERT_INSTANTIATE 214
|
||||
#define SSL_F_SSL_CERT_NEW 162
|
||||
#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
|
||||
#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 274
|
||||
#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
|
||||
#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
|
||||
#define SSL_F_SSL_CLEAR 164
|
||||
|
@ -1684,6 +1741,8 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
|
||||
#define SSL_F_SSL_NEW 186
|
||||
#define SSL_F_SSL_PEEK 270
|
||||
#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 275
|
||||
#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 276
|
||||
#define SSL_F_SSL_READ 223
|
||||
#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
|
||||
#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
|
||||
|
@ -1766,6 +1825,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
|
||||
#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
|
||||
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
|
||||
#define SSL_R_CLIENTHELLO_TLSEXT 157
|
||||
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
|
||||
#define SSL_R_COMPRESSION_FAILURE 141
|
||||
#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
|
||||
|
@ -1793,6 +1853,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
|
||||
#define SSL_R_INVALID_COMMAND 280
|
||||
#define SSL_R_INVALID_PURPOSE 278
|
||||
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 275
|
||||
#define SSL_R_INVALID_TRUST 279
|
||||
#define SSL_R_KEY_ARG_TOO_LONG 284
|
||||
#define SSL_R_KRB5 285
|
||||
|
@ -1850,6 +1911,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
|
||||
#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
|
||||
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
|
||||
#define SSL_R_PARSE_TLSEXT 223
|
||||
#define SSL_R_PATH_TOO_LONG 270
|
||||
#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
|
||||
#define SSL_R_PEER_ERROR 200
|
||||
|
@ -1873,11 +1935,14 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
|
||||
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
|
||||
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
|
||||
#define SSL_R_SERVERHELLO_TLSEXT 224
|
||||
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
|
||||
#define SSL_R_SHORT_READ 219
|
||||
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
|
||||
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
|
||||
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
|
||||
#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 225
|
||||
#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 226
|
||||
#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
|
||||
#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
|
||||
#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
|
||||
|
@ -1912,6 +1977,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
|
||||
#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
|
||||
#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
|
||||
#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 227
|
||||
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
|
||||
#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
|
||||
#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
|
||||
|
|
|
@ -481,6 +481,8 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
|
||||
|
||||
/* server */
|
||||
/* extra state */
|
||||
|
@ -522,10 +524,13 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
|
||||
|
||||
#define SSL3_MT_HELLO_REQUEST 0
|
||||
#define SSL3_MT_CLIENT_HELLO 1
|
||||
#define SSL3_MT_SERVER_HELLO 2
|
||||
#define SSL3_MT_NEWSESSION_TICKET 4
|
||||
#define SSL3_MT_CERTIFICATE 11
|
||||
#define SSL3_MT_SERVER_KEY_EXCHANGE 12
|
||||
#define SSL3_MT_CERTIFICATE_REQUEST 13
|
||||
|
|
|
@ -96,6 +96,60 @@ extern "C" {
|
|||
#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
|
||||
#define TLS1_AD_USER_CANCELLED 90
|
||||
#define TLS1_AD_NO_RENEGOTIATION 100
|
||||
/* codes 110-114 are from RFC3546 */
|
||||
#define TLS1_AD_UNSUPPORTED_EXTENSION 110
|
||||
#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
|
||||
#define TLS1_AD_UNRECOGNIZED_NAME 112
|
||||
#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
|
||||
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
|
||||
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
|
||||
|
||||
/* ExtensionType values from RFC 3546 */
|
||||
#define TLSEXT_TYPE_server_name 0
|
||||
#define TLSEXT_TYPE_max_fragment_length 1
|
||||
#define TLSEXT_TYPE_client_certificate_url 2
|
||||
#define TLSEXT_TYPE_trusted_ca_keys 3
|
||||
#define TLSEXT_TYPE_truncated_hmac 4
|
||||
#define TLSEXT_TYPE_status_request 5
|
||||
#define TLSEXT_TYPE_elliptic_curves 10
|
||||
#define TLSEXT_TYPE_ec_point_formats 11
|
||||
#define TLSEXT_TYPE_session_ticket 35
|
||||
|
||||
/* NameType value from RFC 3546 */
|
||||
#define TLSEXT_NAMETYPE_host_name 0
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
|
||||
#define TLSEXT_MAXLEN_host_name 255
|
||||
|
||||
const char *SSL_get_servername(const SSL *s, const int type) ;
|
||||
int SSL_get_servername_type(const SSL *s) ;
|
||||
|
||||
#define SSL_set_tlsext_host_name(s,name) \
|
||||
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
|
||||
|
||||
#define SSL_set_tlsext_debug_callback(ssl, cb) \
|
||||
SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
|
||||
|
||||
#define SSL_set_tlsext_debug_arg(ssl, arg) \
|
||||
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
|
||||
|
||||
#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
|
||||
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
|
||||
|
||||
#define SSL_TLSEXT_ERR_OK 0
|
||||
#define SSL_TLSEXT_ERR_ALERT_WARNING 1
|
||||
#define SSL_TLSEXT_ERR_ALERT_FATAL 2
|
||||
#define SSL_TLSEXT_ERR_NOACK 3
|
||||
|
||||
#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
|
||||
|
||||
#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||
SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLXEXT_TICKET_KEYS,(keylen),(keys))
|
||||
#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLXEXT_TICKET_KEYS,(keylen),(keys))
|
||||
#endif
|
||||
|
||||
/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
|
||||
* (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
|
||||
|
@ -140,6 +194,14 @@ extern "C" {
|
|||
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
|
||||
#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
|
||||
|
||||
/* SEED ciphersuites from RFC4162 */
|
||||
#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
|
||||
#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
|
||||
#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
|
||||
#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
|
||||
#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
|
||||
#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
|
||||
|
||||
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
|
||||
|
@ -232,7 +294,7 @@ extern "C" {
|
|||
#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
|
||||
#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
|
||||
|
||||
/* Camellia ciphersuites form RFC4132 */
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
|
||||
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
|
||||
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
|
||||
|
@ -247,6 +309,13 @@ extern "C" {
|
|||
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
|
||||
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
|
||||
|
||||
/* SEED ciphersuites from RFC4162 */
|
||||
#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
|
||||
#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
|
||||
#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
|
||||
#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
|
||||
|
||||
#define TLS_CT_RSA_SIGN 1
|
||||
#define TLS_CT_DSS_SIGN 2
|
||||
|
|
Loading…
Reference in New Issue