14 deps/openssl/openssl/doc/crypto/RSA_set_method.pod
View file
@@ -125,14 +125,18 @@ the default method is used.
/* sign. For backward compatibility, this is used only
* if (flags & RSA_FLAG_SIGN_VER)
*/
int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);

int (*rsa_sign)(int type,
const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
/* verify. For backward compatibility, this is used only
* if (flags & RSA_FLAG_SIGN_VER)
*/
int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
int (*rsa_verify)(int dtype,
const unsigned char *m, unsigned int m_length,
const unsigned char *sigbuf, unsigned int siglen,
const RSA *rsa);
/* keygen. If NULL builtin RSA key generation will be used */
int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);

} RSA_METHOD;

4 deps/openssl/openssl/doc/crypto/RSA_sign.pod
View file
@@ -20,6 +20,10 @@ RSA_sign() signs the message digest B<m> of size B<m_len> using the
private key B<rsa> as specified in PKCS #1 v2.0. It stores the
signature in B<sigret> and the signature size in B<siglen>. B<sigret>
must point to RSA_size(B<rsa>) bytes of memory.
Note that PKCS #1 adds meta-data, placing limits on the size of the
key that can be used.
See L<RSA_private_encrypt(3)|RSA_private_encrypt(3)> for lower-level
operations.

B<type> denotes the message digest algorithm that was used to generate
B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
7 deps/openssl/openssl/doc/crypto/des.pod
View file
@@ -135,9 +135,8 @@ depend on a global variable.

DES_set_odd_parity() sets the parity of the passed I<key> to odd.

DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it
is ok. The probability that a randomly generated key is weak is
1/2^52, so it is not really worth checking for them.
DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it
is ok.

The following routines mostly operate on an input and output stream of
I<DES_cblock>s.
@@ -181,7 +180,7 @@ of 24 bytes. This is much better than CBC DES.

DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with
three keys. This means that each DES operation inside the CBC mode is
really an C<C=E(ks3,D(ks2,E(ks1,M)))>. This mode is used by SSL.
an C<C=E(ks3,D(ks2,E(ks1,M)))>. This mode is used by SSL.

The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by
reusing I<ks1> for the final encryption. C<C=E(ks1,D(ks2,E(ks1,M)))>.
1 deps/openssl/openssl/doc/crypto/err.pod
View file
@@ -171,7 +171,6 @@ ERR_get_string_table(void) respectively.

=head1 SEE ALSO

L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
L<ERR_get_error(3)|ERR_get_error(3)>,
L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
8 deps/openssl/openssl/doc/crypto/pem.pod
View file
@@ -450,9 +450,9 @@ byte B<salt> encoded as a set of hexadecimal digits.

After this is the base64 encoded encrypted data.

The encryption key is determined using EVP_bytestokey(), using B<salt> and an
The encryption key is determined using EVP_BytesToKey(), using B<salt> and an
iteration count of 1. The IV used is the value of B<salt> and *not* the IV
returned by EVP_bytestokey().
returned by EVP_BytesToKey().

=head1 BUGS

@@ -474,3 +474,7 @@ The read routines return either a pointer to the structure read or NULL
if an error occurred.

The write routines return 1 for success or 0 for failure.

=head1 SEE ALSO

L<EVP_get_cipherbyname(3)|EVP_get_cipherbyname>, L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>
2 deps/openssl/openssl/doc/crypto/ui.pod
View file
@@ -119,7 +119,7 @@ verification will fail.
UI_add_input_boolean() adds a prompt to the UI that's supposed to be answered
in a boolean way, with a single character for yes and a different character
for no. A set of characters that can be used to cancel the prompt is given
as well. The prompt itself is really divided in two, one part being the
as well. The prompt itself is divided in two, one part being the
descriptive text (given through the I<prompt> argument) and one describing
the possible answers (given through the I<action_desc> argument).

15 deps/openssl/openssl/doc/fingerprints.txt
View file
@@ -4,12 +4,11 @@ OpenSSL releases are signed with PGP/GnuPG keys. You can find the
signatures in separate files in the same location you find the
distributions themselves. The normal file name is the same as the
distribution file, with '.asc' added. For example, the signature for
the distribution of OpenSSL 0.9.7f, openssl-0.9.7f.tar.gz, is found in
the file openssl-0.9.7f.tar.gz.asc.
the distribution of OpenSSL 1.0.1h, openssl-1.0.1h.tar.gz, is found in
the file openssl-1.0.1h.tar.gz.asc.

The following is the list of fingerprints for the keys that are
currently in use (have been used since summer 2004) to sign OpenSSL
distributions:
currently in use to sign OpenSSL distributions:

pub 1024D/F709453B 2003-10-20
Key fingerprint = C4CA B749 C34F 7F4C C04F DAC9 A7AF 9E78 F709 453B
@@ -34,10 +33,6 @@ uid Mark Cox <mjc@redhat.com>
uid Mark Cox <mark@awe.com>
uid Mark Cox <mjc@apache.org>

pub 1024R/26BB437D 1997-04-28
Key fingerprint = 00 C9 21 8E D1 AB 70 37 DD 67 A2 3A 0A 6F 8D A5
uid Ralf S. Engelschall <rse@engelschall.com>

pub 1024R/9C58A66D 1997-04-03
Key fingerprint = 13 D0 B8 9D 37 30 C3 ED AC 9C 24 7D 45 8C 17 67
uid jaenicke@openssl.org
@@ -62,3 +57,7 @@ uid Bodo Moeller <3moeller@informatik.uni-hamburg.de>
uid Bodo Moeller <Bodo_Moeller@public.uni-hamburg.de>
uid Bodo Moeller <3moeller@rzdspc5.informatik.uni-hamburg.de>

pub 2048R/0E604491 2013-04-30
Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491
uid Matt Caswell <frodo@baggins.org>

15 deps/openssl/openssl/doc/ssl/SSL_CIPHER_get_name.pod
View file
@@ -23,8 +23,12 @@ SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>. If
B<alg_bits> is not NULL, it contains the number of bits processed by the
chosen algorithm. If B<cipher> is NULL, 0 is returned.

SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently
"SSLv2", "SSLv3", or "TLSv1". If B<cipher> is NULL, "(NONE)" is returned.
SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
version that first defined the cipher.
This is currently B<SSLv2> or B<TLSv1/SSLv3>.
In some cases it should possibly return "TLSv1.2" but does not;
use SSL_CIPHER_description() instead.
If B<cipher> is NULL, "(NONE)" is returned.

SSL_CIPHER_description() returns a textual description of the cipher used
into the buffer B<buf> of length B<len> provided. B<len> must be at least
@@ -52,7 +56,8 @@ Textual representation of the cipher name.

=item <protocol version>

Protocol version: B<SSLv2>, B<SSLv3>. The TLSv1 ciphers are flagged with SSLv3.
Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
flagged with SSLv3. No new ciphers were added by TLSv1.1.

=item Kx=<key exchange>

@@ -91,6 +96,10 @@ Some examples for the output of SSL_CIPHER_description():
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

A comp[lete list can be retrieved by invoking the following command:

openssl ciphers -v ALL

=head1 BUGS

If SSL_CIPHER_description() is called with B<cipher> being NULL, the
10 deps/openssl/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
View file
@@ -24,6 +24,16 @@ the library will try to complete the chain from the available CA
certificates in the trusted CA storage, see
L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.

The B<x509> certificate provided to SSL_CTX_add_extra_chain_cert() will be freed by the library when the B<SSL_CTX> is destroyed. An application B<should not> free the B<x509> object.

=head1 RESTRICTIONS

Only one set of extra chain certificates can be specified per SSL_CTX
structure. Different chains for different certificates (for example if both
RSA and DSA certificates are specified by the same server) or different SSL
structures with the same parent SSL_CTX cannot be specified using this
function.

=head1 RETURN VALUES

SSL_CTX_add_extra_chain_cert() returns 1 on success. Check out the
2 deps/openssl/openssl/doc/ssl/SSL_CTX_add_session.pod
View file
@@ -41,7 +41,7 @@ If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE
flag then the internal cache will not be populated automatically by new
sessions negotiated by the SSL/TLS implementation, even though the internal
cache will be searched automatically for session-resume requests (the
latter can be surpressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the
latter can be suppressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the
application can use SSL_CTX_add_session() directly to have full control
over the sessions that can be resumed if desired.

34 deps/openssl/openssl/doc/ssl/SSL_CTX_new.pod
View file
@@ -51,22 +51,36 @@ SSLv3 client hello messages.

=item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)

A TLS/SSL connection established with these methods will understand the SSLv2,
SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages
and will indicate that it also understands SSLv3 and TLSv1. A server will
understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
choice when compatibility is a concern.
A TLS/SSL connection established with these methods may understand the SSLv2,
SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.

If the cipher list does not contain any SSLv2 ciphersuites (the default
cipher list does not) or extensions are required (for example server name)
a client will send out TLSv1 client hello messages including extensions and
will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
protocols. This is the best choice when compatibility is a concern.

If any SSLv2 ciphersuites are included in the cipher list and no extensions
are required then SSLv2 compatible client hellos will be used by clients and
SSLv2 will be accepted by servers. This is B<not> recommended due to the
insecurity of SSLv2 and the limited nature of the SSLv2 client hello
prohibiting the use of extensions.

=back

The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the B<SSL_CTX_set_options()> or
B<SSL_set_options()> functions. Using these options it is possible to choose
e.g. SSLv23_server_method() and be able to negotiate with all possible
clients, but to only allow newer protocols like SSLv3 or TLSv1.
SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
options of the SSL_CTX_set_options() or SSL_set_options() functions.
Using these options it is possible to choose e.g. SSLv23_server_method() and
be able to negotiate with all possible clients, but to only allow newer
protocols like TLSv1, TLSv1.1 or TLS v1.2.

Applications which never want to support SSLv2 (even is the cipher string
is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.

SSL_CTX_new() initializes the list of ciphers, the session cache setting,
the callbacks, the keys and certificates, and the options to its default
the callbacks, the keys and certificates and the options to its default
values.

=head1 RETURN VALUES
4 deps/openssl/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod
View file
@@ -54,6 +54,10 @@ of 512 bits and the server is not configured to use temporary RSA
keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
and the handshake will fail.

If the cipher list does not contain any SSLv2 cipher suites (this is the
default) then SSLv2 is effectively disabled and neither clients nor servers
will attempt to use SSLv2.

=head1 RETURN VALUES

SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
2 deps/openssl/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod
View file
@@ -35,7 +35,7 @@ the chosen B<ssl>, overriding the setting valid for B<ssl>'s SSL_CTX object.
=head1 NOTES

When a TLS/SSL server requests a client certificate (see
B<SSL_CTX_set_verify_options()>), it sends a list of CAs, for which
B<SSL_CTX_set_verify(3)>), it sends a list of CAs, for which
it will accept certificates, to the client.

This list must explicitly be set using SSL_CTX_set_client_CA_list() for
2 deps/openssl/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod
View file
@@ -29,7 +29,7 @@ using the B<x509> and B<pkey> arguments and "1" must be returned. The
certificate will be installed into B<ssl>, see the NOTES and BUGS sections.
If no certificate should be set, "0" has to be returned and no certificate
will be sent. A negative return value will suspend the handshake and the
handshake function will return immediatly. L<SSL_get_error(3)|SSL_get_error(3)>
handshake function will return immediately. L<SSL_get_error(3)|SSL_get_error(3)>
will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was
suspended. The next call to the handshake function will again lead to the call
of client_cert_cb(). It is the job of the client_cert_cb() to store information
2 deps/openssl/openssl/doc/ssl/SSL_CTX_set_options.pod
View file
@@ -256,7 +256,7 @@ Connections and renegotiation are always permitted by OpenSSL implementations.

=head2 Unpatched client and patched OpenSSL server

The initial connection suceeds but client renegotiation is denied by the
The initial connection succeeds but client renegotiation is denied by the
server with a B<no_renegotiation> warning alert if TLS v1.0 is used or a fatal
B<handshake_failure> alert in SSL v3.0.

195 deps/openssl/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
View file
@@ -0,0 +1,195 @@
=pod

=head1 NAME

SSL_CTX_set_tlsext_ticket_key_cb - set a callback for session ticket processing

=head1 SYNOPSIS

#include <openssl/tls1.h>

long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,
int (*cb)(SSL *s, unsigned char key_name[16],
unsigned char iv[EVP_MAX_IV_LENGTH],
EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));

=head1 DESCRIPTION

SSL_CTX_set_tlsext_ticket_key_cb() sets a callback fuction I<cb> for handling
session tickets for the ssl context I<sslctx>. Session tickets, defined in
RFC5077 provide an enhanced session resumption capability where the server
implementation is not required to maintain per session state. It only applies
to TLS and there is no SSLv3 implementation.

The callback is available when the OpenSSL library was built without
I<OPENSSL_NO_TLSEXT> being defined.

The callback function I<cb> will be called for every client instigated TLS
session when session ticket extension is presented in the TLS hello
message. It is the responsibility of this function to create or retrieve the
cryptographic parameters and to maintain their state.

The OpenSSL library uses your callback function to help implement a common TLS
ticket construction state according to RFC5077 Section 4 such that per session
state is unnecessary and a small set of cryptographic variables needs to be
maintained by the callback function implementation.

In order to reuse a session, a TLS client must send the a session ticket
extension to the server. The client can only send exactly one session ticket.
The server, through the callback function, either agrees to reuse the session
ticket information or it starts a full TLS handshake to create a new session
ticket.

Before the callback function is started I<ctx> and I<hctx> have been
initialised with EVP_CIPHER_CTX_init and HMAC_CTX_init respectively.

For new sessions tickets, when the client doesn't present a session ticket, or
an attempted retreival of the ticket failed, or a renew option was indicated,
the callback function will be called with I<enc> equal to 1. The OpenSSL
library expects that the function will set an arbitary I<name>, initialize
I<iv>, and set the cipher context I<ctx> and the hash context I<hctx>.

The I<name> is 16 characters long and is used as a key identifier.

The I<iv> length is the length of the IV of the corresponding cipher. The
maximum IV length is L<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>.

The initialization vector I<iv> should be a random value. The cipher context
I<ctx> should use the initialisation vector I<iv>. The cipher context can be
set using L<EVP_EncryptInit_ex>. The hmac context can be set using L<HMAC_Init_ex>.

When the client presents a session ticket, the callback function with be called
with I<enc> set to 0 indicating that the I<cb> function should retreive a set
of parameters. In this case I<name> and I<iv> have already been parsed out of
the session ticket. The OpenSSL library expects that the I<name> will be used
to retrieve a cryptographic parameters and that the cryptographic context
I<ctx> will be set with the retreived parameters and the initialization vector
I<iv>. using a function like L<EVP_DecryptInit_ex>. The I<hctx> needs to be set
using L<HMAC_Init_ex>.

If the I<name> is still valid but a renewal of the ticket is required the
callback function should return 2. The library will call the callback again
with an arguement of enc equal to 1 to set the new ticket.

The return value of the I<cb> function is used by OpenSSL to determine what
further processing will occur. The following return values have meaning:

=over 4

=item Z<>2

This indicates that the I<ctx> and I<hctx> have been set and the session can
continue on those parameters. Additionally it indicates that the session
ticket is in a renewal period and should be replaced. The OpenSSL library will
call I<cb> again with an enc argument of 1 to set the new ticket (see RFC5077
3.3 paragraph 2).

=item Z<>1

This indicates that the I<ctx> and I<hctx> have been set and the session can
continue on those parameters.

=item Z<>0

This indicates that it was not possible to set/retrieve a session ticket and
the SSL/TLS session will continue by by negiotationing a set of cryptographic
parameters or using the alternate SSL/TLS resumption mechanism, session ids.

If called with enc equal to 0 the library will call the I<cb> again to get
a new set of parameters.

=item less than 0

This indicates an error.

=back

=head1 NOTES

Session resumption shortcuts the TLS so that the client certificate
negiotation don't occur. It makes up for this by storing client certificate
an all other negotiated state information encrypted within the ticket. In a
resumed session the applications will have all this state information available
exactly as if a full negiotation had occured.

If an attacker can obtain the key used to encrypt a session ticket, they can
obtain the master secret for any ticket using that key and decrypt any traffic
using that session: even if the ciphersuite supports forward secrecy. As
a result applications may wish to use multiple keys and avoid using long term
keys stored in files.

Applications can use longer keys to maintain a consistent level of security.
For example if a ciphersuite uses 256 bit ciphers but only a 128 bit ticket key
the overall security is only 128 bits because breaking the ticket key will
enable an attacker to obtain the session keys.

=head1 EXAMPLES

Reference Implemention:
SSL_CTX_set_tlsext_ticket_key_cb(SSL,ssl_tlsext_ticket_key_cb);
....

static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
{
if (enc) { /* create new session */
if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) ) {
return -1; /* insufficient random */
}

key = currentkey(); /* something that you need to implement */
if ( !key ) {
/* current key doesn't exist or isn't valid */
key = createkey(); /* something that you need to implement.
* createkey needs to initialise, a name,
* an aes_key, a hmac_key and optionally
* an expire time. */
if ( !key ) { /* key couldn't be created */
return 0;
}
}
memcpy(key_name, key->name, 16);

EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);

return 1;

} else { /* retrieve session */
key = findkey(name);

if (!key || key->expire < now() ) {
return 0;
}

HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv );

if (key->expire < ( now() - RENEW_TIME ) ) {
/* return 2 - this session will get a new ticket even though the current is still valid */
return 2;
}
return 1;

}
}



=head1 RETURN VALUES

returns 0 to indicate the callback function was set.

=head1 SEE ALSO

L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
L<SSL_session_reused(3)|SSL_session_reused(3)>,
L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,

=head1 HISTORY

This function was introduced in OpenSSL 0.9.8h

=cut
6 deps/openssl/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
View file
@@ -12,12 +12,10 @@ SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_se
DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);

void SSL_set_tmp_dh_callback(SSL_CTX *ctx,
void SSL_set_tmp_dh_callback(SSL *ctx,
DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
long SSL_set_tmp_dh(SSL *ssl, DH *dh)

DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));

=head1 DESCRIPTION

SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be
@@ -81,7 +79,7 @@ instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
is mandatory.

Application authors may compile in DH parameters. Files dh512.pem,
dh1024.pem, dh2048.pem, and dh4096 in the 'apps' directory of current
dh1024.pem, dh2048.pem, and dh4096.pem in the 'apps' directory of current
version of the OpenSSL distribution contain the 'SKIP' DH parameters,
which use safe primes and were generated verifiably pseudo-randomly.
These files can be converted into C code using the B<-C> option of the
4 deps/openssl/openssl/doc/ssl/SSL_CTX_set_verify.pod
View file
@@ -109,8 +109,8 @@ certificates would not be present, most likely a
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY will be issued.
The depth count is "level 0:peer certificate", "level 1: CA certificate",
"level 2: higher level CA certificate", and so on. Setting the maximum
depth to 2 allows the levels 0, 1, and 2. The default depth limit is 9,
allowing for the peer certificate and additional 9 CA certificates.
depth to 2 allows the levels 0, 1, and 2. The default depth limit is 100,
allowing for the peer certificate and additional 100 CA certificates.

The B<verify_callback> function is used to control the behaviour when the
SSL_VERIFY_PEER flag is set. It must be supplied by the application and
14 deps/openssl/openssl/doc/ssl/SSL_get_version.pod
View file
@@ -12,12 +12,12 @@ SSL_get_version - get the protocol version of a connection.

=head1 DESCRIPTION

SSL_get_cipher_version() returns the name of the protocol used for the
SSL_get_version() returns the name of the protocol used for the
connection B<ssl>.

=head1 RETURN VALUES

The following strings can occur:
The following strings can be returned:

=over 4

@@ -31,7 +31,15 @@ The connection uses the SSLv3 protocol.

=item TLSv1

The connection uses the TLSv1 protocol.
The connection uses the TLSv1.0 protocol.

=item TLSv1.1

The connection uses the TLSv1.1 protocol.

=item TLSv1.2

The connection uses the TLSv1.2 protocol.

=item unknown

10 deps/openssl/openssl/doc/ssl/d2i_SSL_SESSION.pod
View file
@@ -48,6 +48,16 @@ known limit on the size of the created ASN1 representation, so the necessary
amount of space should be obtained by first calling i2d_SSL_SESSION() with
B<pp=NULL>, and obtain the size needed, then allocate the memory and
call i2d_SSL_SESSION() again.
Note that this will advance the value contained in B<*pp> so it is necessary
to save a copy of the original allocation.
For example:
int i,j;
char *p, *temp;
i = i2d_SSL_SESSION(sess, NULL);
p = temp = malloc(i);
j = i2d_SSL_SESSION(sess, &temp);
assert(i == j);
assert(p+i == temp);

=head1 RETURN VALUES

2 deps/openssl/openssl/openssl.spec
View file
@@ -7,7 +7,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
#Version: %{libmaj}.%{libmin}.%{librel}
Version: 1.0.1h
Version: 1.0.1i
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
24 deps/openssl/openssl/ssl/Makefile
View file
@@ -30,7 +30,7 @@ LIBSRC= \
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c \
bio_ssl.c ssl_err.c kssl.c tls_srp.c t1_reneg.c
bio_ssl.c ssl_err.c kssl.c tls_srp.c t1_reneg.c ssl_utst.c
LIBOBJ= \
s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
@@ -41,7 +41,7 @@ LIBOBJ= \
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o \
bio_ssl.o ssl_err.o kssl.o tls_srp.o t1_reneg.o
bio_ssl.o ssl_err.o kssl.o tls_srp.o t1_reneg.o ssl_utst.o

SRC= $(LIBSRC)

@@ -915,6 +915,26 @@ ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
ssl_txt.o: ssl_txt.c
ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_utst.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
ssl_utst.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
ssl_utst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ssl_utst.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
ssl_utst.o: ssl_utst.c
t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
82 deps/openssl/openssl/ssl/d1_both.c
View file
@@ -587,29 +587,32 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
return 0;
}

/* dtls1_max_handshake_message_len returns the maximum number of bytes
* permitted in a DTLS handshake message for |s|. The minimum is 16KB, but may
* be greater if the maximum certificate list size requires it. */
static unsigned long dtls1_max_handshake_message_len(const SSL *s)
{
unsigned long max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
if (max_len < (unsigned long)s->max_cert_list)
return s->max_cert_list;
return max_len;
}

static int
dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
dtls1_reassemble_fragment(SSL *s, const struct hm_header_st* msg_hdr, int *ok)
{
hm_fragment *frag = NULL;
pitem *item = NULL;
int i = -1, is_complete;
unsigned char seq64be[8];
unsigned long frag_len = msg_hdr->frag_len, max_len;
unsigned long frag_len = msg_hdr->frag_len;

if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len ||
msg_hdr->msg_len > dtls1_max_handshake_message_len(s))
goto err;

/* Determine maximum allowed message size. Depends on (user set)
* maximum certificate length, but 16k is minimum.
*/
if (DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH < s->max_cert_list)
max_len = s->max_cert_list;
else
max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;

if ((msg_hdr->frag_off+frag_len) > max_len)
goto err;
if (frag_len == 0)
return DTLS1_HM_FRAGMENT_RETRY;

/* Try to find item in queue */
memset(seq64be,0,sizeof(seq64be));
@@ -639,7 +642,8 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)


/* If message is already reassembled, this must be a
* retransmit and can be dropped.
* retransmit and can be dropped. In this case item != NULL and so frag
* does not need to be freed.
*/
if (frag->reassembly == NULL)
{
@@ -659,7 +663,9 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
/* read the body of the fragment (header has already been read */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment + msg_hdr->frag_off,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
if ((unsigned long)i!=frag_len)
i=-1;
if (i<=0)
goto err;

RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
@@ -676,32 +682,32 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)

if (item == NULL)
{
memset(seq64be,0,sizeof(seq64be));
seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
seq64be[7] = (unsigned char)(msg_hdr->seq);

item = pitem_new(seq64be, frag);
if (item == NULL)
{
i = -1;
goto err;
}

pqueue_insert(s->d1->buffered_messages, item);
item = pqueue_insert(s->d1->buffered_messages, item);
/* pqueue_insert fails iff a duplicate item is inserted.
* However, |item| cannot be a duplicate. If it were,
* |pqueue_find|, above, would have returned it and control
* would never have reached this branch. */
OPENSSL_assert(item != NULL);
}

return DTLS1_HM_FRAGMENT_RETRY;

err:
if (frag != NULL) dtls1_hm_fragment_free(frag);
if (item != NULL) OPENSSL_free(item);
if (frag != NULL && item == NULL) dtls1_hm_fragment_free(frag);
*ok = 0;
return i;
}


static int
dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st* msg_hdr, int *ok)
{
int i=-1;
hm_fragment *frag = NULL;
@@ -721,7 +727,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
/* If we already have an entry and this one is a fragment,
* don't discard it and rather try to reassemble it.
*/
if (item != NULL && frag_len < msg_hdr->msg_len)
if (item != NULL && frag_len != msg_hdr->msg_len)
item = NULL;

/* Discard the message if sequence number was already there, is
@@ -746,9 +752,12 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
}
else
{
if (frag_len && frag_len < msg_hdr->msg_len)
if (frag_len != msg_hdr->msg_len)
return dtls1_reassemble_fragment(s, msg_hdr, ok);

if (frag_len > dtls1_max_handshake_message_len(s))
goto err;

frag = dtls1_hm_fragment_new(frag_len, 0);
if ( frag == NULL)
goto err;
@@ -760,26 +769,31 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
/* read the body of the fragment (header has already been read */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
if ((unsigned long)i!=frag_len)
i = -1;
if (i<=0)
goto err;
}

memset(seq64be,0,sizeof(seq64be));
seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
seq64be[7] = (unsigned char)(msg_hdr->seq);

item = pitem_new(seq64be, frag);
if ( item == NULL)
goto err;

pqueue_insert(s->d1->buffered_messages, item);
item = pqueue_insert(s->d1->buffered_messages, item);
/* pqueue_insert fails iff a duplicate item is inserted.
* However, |item| cannot be a duplicate. If it were,
* |pqueue_find|, above, would have returned it. Then, either
* |frag_len| != |msg_hdr->msg_len| in which case |item| is set
* to NULL and it will have been processed with
* |dtls1_reassemble_fragment|, above, or the record will have
* been discarded. */
OPENSSL_assert(item != NULL);
}

return DTLS1_HM_FRAGMENT_RETRY;

err:
if ( frag != NULL) dtls1_hm_fragment_free(frag);
if ( item != NULL) OPENSSL_free(item);
if (frag != NULL && item == NULL) dtls1_hm_fragment_free(frag);
*ok = 0;
return i;
}
@@ -1180,6 +1194,8 @@ dtls1_buffer_message(SSL *s, int is_ccs)
OPENSSL_assert(s->init_off == 0);

frag = dtls1_hm_fragment_new(s->init_num, 0);
if (!frag)
return 0;

memcpy(frag->fragment, s->init_buf->data, s->init_num);

31 deps/openssl/openssl/ssl/d1_clnt.c
View file
@@ -876,12 +876,18 @@ int dtls1_client_hello(SSL *s)
*(p++)=0; /* Add the NULL method */

#ifndef OPENSSL_NO_TLSEXT
/* TLS extensions*/
if (ssl_prepare_clienthello_tlsext(s) <= 0)
{
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
goto err;
}
if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
{
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
goto err;
}
#endif
#endif

l=(p-d);
d=buf;
@@ -990,6 +996,13 @@ int dtls1_send_client_key_exchange(SSL *s)
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];

if (s->session->sess_cert == NULL)
{
/* We should always have a server certificate with SSL_kRSA. */
SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
goto err;
}

if (s->session->sess_cert->peer_rsa_tmp != NULL)
rsa=s->session->sess_cert->peer_rsa_tmp;
else
@@ -1180,6 +1193,13 @@ int dtls1_send_client_key_exchange(SSL *s)
{
DH *dh_srvr,*dh_clnt;

if (s->session->sess_cert == NULL)
{
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
goto err;
}

if (s->session->sess_cert->peer_dh_tmp != NULL)
dh_srvr=s->session->sess_cert->peer_dh_tmp;
else
@@ -1239,6 +1259,13 @@ int dtls1_send_client_key_exchange(SSL *s)
int ecdh_clnt_cert = 0;
int field_size = 0;

if (s->session->sess_cert == NULL)
{
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
goto err;
}

/* Did we send out the client's
* ECDH share for use in premaster
* computation as part of client certificate?
@@ -1714,5 +1741,3 @@ int dtls1_send_client_certificate(SSL *s)
/* SSL3_ST_CW_CERT_D */
return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
}


14 deps/openssl/openssl/ssl/d1_srvr.c
View file
@@ -598,10 +598,11 @@ int dtls1_accept(SSL *s)
s->state = SSL3_ST_SR_CLNT_HELLO_C;
}
else {
/* could be sent for a DH cert, even if we
* have not asked for it :-) */
ret=ssl3_get_client_certificate(s);
if (ret <= 0) goto end;
if (s->s3->tmp.cert_request)
{
ret=ssl3_get_client_certificate(s);
if (ret <= 0) goto end;
}
s->init_num=0;
s->state=SSL3_ST_SR_KEY_EXCH_A;
}
@@ -980,6 +981,11 @@ int dtls1_send_server_hello(SSL *s)
#endif

#ifndef OPENSSL_NO_TLSEXT
if (ssl_prepare_serverhello_tlsext(s) <= 0)
{
SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT);
return -1;
}
if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
{
SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
13 deps/openssl/openssl/ssl/heartbeat_test.c
View file
@@ -38,13 +38,17 @@
* http://mike-bland.com/tags/heartbleed.html
*/

#define OPENSSL_UNIT_TEST

#include "../test/testutil.h"

#include "../ssl/ssl_locl.h"
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_SYS_WINDOWS)
#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST)

/* As per https://tools.ietf.org/html/rfc6520#section-4 */
#define MIN_PADDING_SIZE 16
@@ -263,13 +267,10 @@ static int honest_payload_size(unsigned char payload_buf[])
}

#define SETUP_HEARTBEAT_TEST_FIXTURE(type)\
HEARTBEAT_TEST_FIXTURE fixture = set_up_##type(__func__);\
int result = 0
SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type)

#define EXECUTE_HEARTBEAT_TEST()\
if (execute_heartbeat(fixture) != 0) result = 1;\
tear_down(fixture);\
return result
EXECUTE_TEST(execute_heartbeat, tear_down)

static int test_dtls1_not_bleeding()
{
7 deps/openssl/openssl/ssl/s23_lib.c
View file
@@ -107,6 +107,13 @@ int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
long l;

/* We can write SSLv2 and SSLv3 ciphers */
/* but no ECC ciphers */
if (c->algorithm_mkey == SSL_kECDHr ||
c->algorithm_mkey == SSL_kECDHe ||
c->algorithm_mkey == SSL_kEECDH ||
c->algorithm_auth == SSL_aECDH ||
c->algorithm_auth == SSL_aECDSA)
return 0;
if (p != NULL)
{
l=c->id;
30 deps/openssl/openssl/ssl/s23_srvr.c
View file
@@ -348,23 +348,19 @@ int ssl23_get_client_hello(SSL *s)
* Client Hello message, this would be difficult, and we'd have
* to read more records to find out.
* No known SSL 3.0 client fragments ClientHello like this,
* so we simply assume TLS 1.0 to avoid protocol version downgrade
* attacks. */
* so we simply reject such connections to avoid
* protocol version downgrade attacks. */
if (p[3] == 0 && p[4] < 6)
{
#if 0
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
goto err;
#else
v[1] = TLS1_VERSION_MINOR;
#endif
}
/* if major version number > 3 set minor to a value
* which will use the highest version 3 we support.
* If TLS 2.0 ever appears we will need to revise
* this....
*/
else if (p[9] > SSL3_VERSION_MAJOR)
if (p[9] > SSL3_VERSION_MAJOR)
v[1]=0xff;
else
v[1]=p[10]; /* minor version according to client_version */
@@ -444,14 +440,34 @@ int ssl23_get_client_hello(SSL *s)
v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
v[1] = p[4];

/* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
* header is sent directly on the wire, not wrapped as a TLS
* record. It's format is:
* Byte Content
* 0-1 msg_length
* 2 msg_type
* 3-4 version
* 5-6 cipher_spec_length
* 7-8 session_id_length
* 9-10 challenge_length
* ... ...
*/
n=((p[0]&0x7f)<<8)|p[1];
if (n > (1024*4))
{
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
goto err;
}
if (n < 9)
{
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
goto err;
}

j=ssl23_read_bytes(s,n+2);
/* We previously read 11 bytes, so if j > 0, we must have
* j == n+2 == s->packet_length. We have at least 11 valid
* packet bytes. */
if (j <= 0) return(j);

ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
2 deps/openssl/openssl/ssl/s2_lib.c
View file
@@ -250,7 +250,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={
SSL_SSLV2,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
112,
168,
},

24 deps/openssl/openssl/ssl/s3_clnt.c
View file
@@ -510,6 +510,7 @@ int ssl3_connect(SSL *s)
s->method->ssl3_enc->client_finished_label,
s->method->ssl3_enc->client_finished_label_len);
if (ret <= 0) goto end;
s->s3->flags |= SSL3_FLAGS_CCS_OK;
s->state=SSL3_ST_CW_FLUSH;

/* clear flags */
@@ -901,6 +902,7 @@ int ssl3_get_server_hello(SSL *s)
{
s->session->cipher = pref_cipher ?
pref_cipher : ssl_get_cipher_by_char(s, p+j);
s->s3->flags |= SSL3_FLAGS_CCS_OK;
}
}
#endif /* OPENSSL_NO_TLSEXT */
@@ -952,6 +954,15 @@ int ssl3_get_server_hello(SSL *s)
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
goto f_err;
}
#ifndef OPENSSL_NO_SRP
if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) &&
!(s->srp_ctx.srp_Mask & SSL_kSRP))
{
al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
goto f_err;
}
#endif /* OPENSSL_NO_SRP */
p+=ssl_put_cipher_by_char(s,NULL,NULL);

sk=ssl_get_ciphers_by_id(s);
@@ -1458,6 +1469,12 @@ int ssl3_get_key_exchange(SSL *s)
p+=i;
n-=param_len;

if (!srp_verify_server_param(s, &al))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS);
goto f_err;
}

/* We must check if there is a certificate */
#ifndef OPENSSL_NO_RSA
if (alg_a & SSL_aRSA)
@@ -2251,6 +2268,13 @@ int ssl3_send_client_key_exchange(SSL *s)
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];

if (s->session->sess_cert == NULL)
{
/* We should always have a server certificate with SSL_kRSA. */
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
goto err;
}

if (s->session->sess_cert->peer_rsa_tmp != NULL)
rsa=s->session->sess_cert->peer_rsa_tmp;
else
12 deps/openssl/openssl/ssl/s3_enc.c
View file
@@ -642,10 +642,18 @@ int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
int ssl3_final_finish_mac(SSL *s,
const char *sender, int len, unsigned char *p)
{
int ret;
int ret, sha1len;
ret=ssl3_handshake_mac(s,NID_md5,sender,len,p);
if(ret == 0)
return 0;

p+=ret;
ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p);

sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
if(sha1len == 0)
return 0;

ret+=sha1len;
return(ret);
}
static int ssl3_handshake_mac(SSL *s, int md_nid,
40 deps/openssl/openssl/ssl/s3_lib.c
View file
@@ -328,7 +328,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -377,7 +377,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -425,7 +425,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -474,7 +474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -522,7 +522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -602,7 +602,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -687,7 +687,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -751,7 +751,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_SSLV3,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -1685,7 +1685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2062,7 +2062,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2142,7 +2142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2222,7 +2222,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2302,7 +2302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2382,7 +2382,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2426,13 +2426,13 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
SSL_kSRP,
SSL_aNULL,
SSL_aSRP,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2448,7 +2448,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2464,7 +2464,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
112,
168,
},

@@ -2474,7 +2474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
SSL_kSRP,
SSL_aNULL,
SSL_aSRP,
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
@@ -2522,7 +2522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
SSL_kSRP,
SSL_aNULL,
SSL_aSRP,
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
2 deps/openssl/openssl/ssl/s3_pkt.c
View file
@@ -968,7 +968,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
if (!ssl3_setup_read_buffer(s))
return(-1);

if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE)) ||
(peek && (type != SSL3_RT_APPLICATION_DATA)))
{
SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
9 deps/openssl/openssl/ssl/s3_srvr.c
View file
@@ -2795,6 +2795,13 @@ int ssl3_get_client_key_exchange(SSL *s)
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_BN_LIB);
goto err;
}
if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
|| BN_is_zero(s->srp_ctx.A))
{
al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS);
goto f_err;
}
if (s->session->srp_username != NULL)
OPENSSL_free(s->session->srp_username);
s->session->srp_username = BUF_strdup(s->srp_ctx.login);
@@ -2918,7 +2925,7 @@ int ssl3_get_cert_verify(SSL *s)
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
-1,
516, /* Enough for 4096 bit RSA key with TLS v1.2 */
SSL3_RT_MAX_PLAIN_LENGTH,
&ok);

if (!ok) return((int)n);
6 deps/openssl/openssl/ssl/ssl.h
View file
@@ -264,6 +264,7 @@ extern "C" {
#define SSL_TXT_aGOST94 "aGOST94"
#define SSL_TXT_aGOST01 "aGOST01"
#define SSL_TXT_aGOST "aGOST"
#define SSL_TXT_aSRP "aSRP"

#define SSL_TXT_DSS "DSS"
#define SSL_TXT_DH "DH"
@@ -2055,6 +2056,10 @@ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secre
void SSL_set_debug(SSL *s, int debug);
int SSL_cache_hit(SSL *s);

#ifndef OPENSSL_NO_UNIT_TEST
const struct openssl_ssl_test_functions *SSL_test_functions(void);
#endif

/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -2320,6 +2325,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_BAD_SRP_B_LENGTH 348
#define SSL_R_BAD_SRP_G_LENGTH 349
#define SSL_R_BAD_SRP_N_LENGTH 350
#define SSL_R_BAD_SRP_PARAMETERS 371
#define SSL_R_BAD_SRP_S_LENGTH 351
#define SSL_R_BAD_SRTP_MKI_VALUE 352
#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
44 deps/openssl/openssl/ssl/ssl_ciph.c
View file
@@ -270,6 +270,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0},
{0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0},
{0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0},
{0,SSL_TXT_aSRP,0, 0,SSL_aSRP, 0,0,0,0,0,0,0},

/* aliases combining key exchange and server authentication */
{0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
@@ -562,7 +563,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
break;
}

if ((i < 0) || (i > SSL_ENC_NUM_IDX))
if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
*enc=NULL;
else
{
@@ -596,7 +597,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
i= -1;
break;
}
if ((i < 0) || (i > SSL_MD_NUM_IDX))
if ((i < 0) || (i >= SSL_MD_NUM_IDX))
{
*md=NULL;
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
@@ -925,7 +926,7 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
int rule, int strength_bits,
CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
{
CIPHER_ORDER *head, *tail, *curr, *curr2, *last;
CIPHER_ORDER *head, *tail, *curr, *next, *last;
const SSL_CIPHER *cp;
int reverse = 0;

@@ -942,21 +943,25 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,

if (reverse)
{
curr = tail;
next = tail;
last = head;
}
else
{
curr = head;
next = head;
last = tail;
}

curr2 = curr;
curr = NULL;
for (;;)
{
if ((curr == NULL) || (curr == last)) break;
curr = curr2;
curr2 = reverse ? curr->prev : curr->next;
if (curr == last) break;

curr = next;

if (curr == NULL) break;

next = reverse ? curr->prev : curr->next;

cp = curr->cipher;

@@ -1598,6 +1603,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_kSRP:
kx="SRP";
break;
case SSL_kGOST:
kx="GOST";
break;
default:
kx="unknown";
}
@@ -1628,6 +1636,15 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_aPSK:
au="PSK";
break;
case SSL_aSRP:
au="SRP";
break;
case SSL_aGOST94:
au="GOST94";
break;
case SSL_aGOST01:
au="GOST01";
break;
default:
au="unknown";
break;
@@ -1675,6 +1692,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_SEED:
enc="SEED(128)";
break;
case SSL_eGOST2814789CNT:
enc="GOST89(256)";
break;
default:
enc="unknown";
break;
@@ -1697,6 +1717,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_AEAD:
mac="AEAD";
break;
case SSL_GOST89MAC:
mac="GOST89";
break;
case SSL_GOST94:
mac="GOST94";
break;
default:
mac="unknown";
break;
1 deps/openssl/openssl/ssl/ssl_err.c
View file
@@ -329,6 +329,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) ,"bad srp b length"},
{ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) ,"bad srp g length"},
{ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) ,"bad srp n length"},
{ERR_REASON(SSL_R_BAD_SRP_PARAMETERS) ,"bad srp parameters"},
{ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) ,"bad srp s length"},
{ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) ,"bad srtp mki value"},
{ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),"bad srtp protection profile list"},
5 deps/openssl/openssl/ssl/ssl_lib.c
View file
@@ -1406,6 +1406,11 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
s->psk_client_callback == NULL)
continue;
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) &&
!(s->srp_ctx.srp_Mask & SSL_kSRP))
continue;
#endif /* OPENSSL_NO_SRP */
j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
p+=j;
}
25 deps/openssl/openssl/ssl/ssl_locl.h
View file
@@ -311,6 +311,7 @@
#define SSL_aPSK 0x00000080L /* PSK auth */
#define SSL_aGOST94 0x00000100L /* GOST R 34.10-94 signature auth */
#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
#define SSL_aSRP 0x00000400L /* SRP auth */


/* Bits for algorithm_enc (symmetric encryption) */
@@ -809,6 +810,16 @@ const SSL_METHOD *func_name(void) \
return &func_name##_data; \
}

struct openssl_ssl_test_functions
{
int (*p_ssl_init_wbio_buffer)(SSL *s, int push);
int (*p_ssl3_setup_buffers)(SSL *s);
int (*p_tls1_process_heartbeat)(SSL *s);
int (*p_dtls1_process_heartbeat)(SSL *s);
};

#ifndef OPENSSL_UNIT_TEST

void ssl_clear_cipher_ctx(SSL *s);
int ssl_clear_bad_session(SSL *s);
CERT *ssl_cert_new(void);
@@ -1095,8 +1106,8 @@ int tls1_ec_nid2curve_id(int nid);
#endif /* OPENSSL_NO_EC */

#ifndef OPENSSL_NO_TLSEXT
unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit);
unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit);
unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit);
unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit);
int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
int ssl_prepare_clienthello_tlsext(SSL *s);
@@ -1174,4 +1185,14 @@ void tls_fips_digest_extra(
const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx,
const unsigned char *data, size_t data_len, size_t orig_len);

int srp_verify_server_param(SSL *s, int *al);

#else

#define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
#define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
#define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
#define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat

#endif
#endif
5 deps/openssl/openssl/ssl/ssl_stat.c
View file
@@ -212,7 +212,6 @@ case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
#endif

#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
/* SSLv2/v3 compatibility states */
/* client */
case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
@@ -222,7 +221,6 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
/* server */
case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
#endif

/* DTLS */
case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DTLS1 read hello verify request A"; break;
@@ -366,7 +364,6 @@ case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
#endif

#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
/* SSLv2/v3 compatibility states */
/* client */
case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
@@ -376,7 +373,7 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
/* server */
case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
#endif

/* DTLS */
case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DRCHVA"; break;
case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DRCHVB"; break;
32 deps/openssl/openssl/crypto/pkcs7/example.h → deps/openssl/openssl/ssl/ssl_utst.c
View file
@@ -1,5 +1,9 @@
/* ssl_utst.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -46,12 +50,24 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/

int add_signed_time(PKCS7_SIGNER_INFO *si);
ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si);
int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2);
#include "ssl_locl.h"

#ifndef OPENSSL_NO_UNIT_TEST


static const struct openssl_ssl_test_functions ssl_test_functions =
{
ssl_init_wbio_buffer,
ssl3_setup_buffers,
tls1_process_heartbeat,
dtls1_process_heartbeat
};

const struct openssl_ssl_test_functions *SSL_test_functions(void)
{
return &ssl_test_functions;
}

#endif
2 deps/openssl/openssl/ssl/t1_enc.c
View file
@@ -1128,7 +1128,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
int rv;

#ifdef KSSL_DEBUG
printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen);
printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, context, contextlen);
#endif /* KSSL_DEBUG */

buff = OPENSSL_malloc(olen);
73 deps/openssl/openssl/ssl/t1_lib.c
View file
@@ -352,15 +352,16 @@ int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
return (int)slen;
}

unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit)
{
int extdatalen=0;
unsigned char *ret = p;
unsigned char *orig = buf;
unsigned char *ret = buf;

/* don't add extensions for SSLv3 unless doing secure renegotiation */
if (s->client_version == SSL3_VERSION
&& !s->s3->send_connection_binding)
return p;
return orig;

ret+=2;

@@ -409,7 +410,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
return NULL;
}

if((limit - p - 4 - el) < 0) return NULL;
if((limit - ret - 4 - el) < 0) return NULL;

s2n(TLSEXT_TYPE_renegotiate,ret);
s2n(el,ret);
@@ -452,8 +453,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
#endif

#ifndef OPENSSL_NO_EC
if (s->tlsext_ecpointformatlist != NULL &&
s->version != DTLS1_VERSION)
if (s->tlsext_ecpointformatlist != NULL)
{
/* Add TLS extension ECPointFormats to the ClientHello message */
long lenmax;
@@ -472,8 +472,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
ret+=s->tlsext_ecpointformatlist_length;
}
if (s->tlsext_ellipticcurvelist != NULL &&
s->version != DTLS1_VERSION)
if (s->tlsext_ellipticcurvelist != NULL)
{
/* Add TLS extension EllipticCurves to the ClientHello message */
long lenmax;
@@ -650,7 +649,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha

ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);

if((limit - p - 4 - el) < 0) return NULL;
if((limit - ret - 4 - el) < 0) return NULL;

s2n(TLSEXT_TYPE_use_srtp,ret);
s2n(el,ret);
@@ -693,24 +692,25 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
}

if ((extdatalen = ret-p-2)== 0)
return p;
if ((extdatalen = ret-orig-2)== 0)
return orig;

s2n(extdatalen,p);
s2n(extdatalen, orig);
return ret;
}

unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit)
{
int extdatalen=0;
unsigned char *ret = p;
unsigned char *orig = buf;
unsigned char *ret = buf;
#ifndef OPENSSL_NO_NEXTPROTONEG
int next_proto_neg_seen;
#endif

/* don't add extensions for SSLv3, unless doing secure renegotiation */
if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
return p;
return orig;

ret+=2;
if (ret>=limit) return NULL; /* this really never occurs, but ... */
@@ -733,7 +733,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
return NULL;
}

if((limit - p - 4 - el) < 0) return NULL;
if((limit - ret - 4 - el) < 0) return NULL;

s2n(TLSEXT_TYPE_renegotiate,ret);
s2n(el,ret);
@@ -748,8 +748,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
}

#ifndef OPENSSL_NO_EC
if (s->tlsext_ecpointformatlist != NULL &&
s->version != DTLS1_VERSION)
if (s->tlsext_ecpointformatlist != NULL)
{
/* Add TLS extension ECPointFormats to the ServerHello message */
long lenmax;
@@ -813,7 +812,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha

ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);

if((limit - p - 4 - el) < 0) return NULL;
if((limit - ret - 4 - el) < 0) return NULL;

s2n(TLSEXT_TYPE_use_srtp,ret);
s2n(el,ret);
@@ -884,10 +883,10 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
#endif

if ((extdatalen = ret-p-2)== 0)
return p;
if ((extdatalen = ret-orig-2)== 0)
return orig;

s2n(extdatalen,p);
s2n(extdatalen, orig);
return ret;
}

@@ -1152,8 +1151,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
#endif

#ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats &&
s->version != DTLS1_VERSION)
else if (type == TLSEXT_TYPE_ec_point_formats)
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
@@ -1187,8 +1185,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
fprintf(stderr,"\n");
#endif
}
else if (type == TLSEXT_TYPE_elliptic_curves &&
s->version != DTLS1_VERSION)
else if (type == TLSEXT_TYPE_elliptic_curves)
{
unsigned char *sdata = data;
int ellipticcurvelist_length = (*(sdata++) << 8);
@@ -1547,8 +1544,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
}

#ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats &&
s->version != DTLS1_VERSION)
else if (type == TLSEXT_TYPE_ec_point_formats)
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
@@ -1559,15 +1555,18 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
s->session->tlsext_ecpointformatlist_length = 0;
if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist);
if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
if (!s->hit)
{
*al = TLS1_AD_INTERNAL_ERROR;
return 0;
s->session->tlsext_ecpointformatlist_length = 0;
if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist);
if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
{
*al = TLS1_AD_INTERNAL_ERROR;
return 0;
}
s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
}
s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
#if 0
fprintf(stderr,"ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
sdata = s->session->tlsext_ecpointformatlist;
@@ -2361,7 +2360,11 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
}
EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0)
{
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_free(sdec);
return 2;
}
slen += mlen;
EVP_CIPHER_CTX_cleanup(&ctx);
p = sdec;
48 deps/openssl/openssl/ssl/tls_srp.c
View file
@@ -408,16 +408,46 @@ int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key)
return ret;
}

int SRP_Calc_A_param(SSL *s)
int srp_verify_server_param(SSL *s, int *al)
{
unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
SRP_CTX *srp = &s->srp_ctx;
/* Sanity check parameters: we can quickly check B % N == 0
* by checking B != 0 since B < N
*/
if (BN_ucmp(srp->g, srp->N) >=0 || BN_ucmp(srp->B, srp->N) >= 0
|| BN_is_zero(srp->B))
{
*al = SSL3_AD_ILLEGAL_PARAMETER;
return 0;
}

if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength)
return -1;
if (BN_num_bits(srp->N) < srp->strength)
{
*al = TLS1_AD_INSUFFICIENT_SECURITY;
return 0;
}

if (s->srp_ctx.SRP_verify_param_callback ==NULL &&
!SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N))
return -1 ;
if (srp->SRP_verify_param_callback)
{
if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0)
{
*al = TLS1_AD_INSUFFICIENT_SECURITY;
return 0;
}
}
else if(!SRP_check_known_gN_param(srp->g, srp->N))
{
*al = TLS1_AD_INSUFFICIENT_SECURITY;
return 0;
}

return 1;
}


int SRP_Calc_A_param(SSL *s)
{
unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];

RAND_bytes(rnd, sizeof(rnd));
s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
@@ -426,10 +456,6 @@ int SRP_Calc_A_param(SSL *s)
if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g)))
return -1;

/* We can have a callback to verify SRP param!! */
if (s->srp_ctx.SRP_verify_param_callback !=NULL)
return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg);

return 1;
}

11 deps/openssl/openssl/test/Makefile
View file
@@ -370,6 +370,13 @@ FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}

BUILD_CMD_STATIC=shlib_target=; \
LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}

$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
@target=$(RSATEST); $(BUILD_CMD)

@@ -476,7 +483,7 @@ $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
@target=$(SRPTEST); $(BUILD_CMD)

$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
@target=$(HEARTBEATTEST); $(BUILD_CMD)
@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)

#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -633,7 +640,7 @@ heartbeat_test.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
heartbeat_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h
heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/ssl_locl.h
heartbeat_test.o: heartbeat_test.c
heartbeat_test.o: ../test/testutil.h heartbeat_test.c
hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
63 deps/openssl/openssl/test/ectest.c
View file
@@ -199,6 +199,7 @@ static void group_order_tests(EC_GROUP *group)
EC_POINT *P = EC_POINT_new(group);
EC_POINT *Q = EC_POINT_new(group);
BN_CTX *ctx = BN_CTX_new();
int i;

n1 = BN_new(); n2 = BN_new(); order = BN_new();
fprintf(stdout, "verify group order ...");
@@ -212,21 +213,55 @@ static void group_order_tests(EC_GROUP *group)
if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
fprintf(stdout, " ok\n");
fprintf(stdout, "long/negative scalar tests ... ");
if (!BN_one(n1)) ABORT;
/* n1 = 1 - order */
if (!BN_sub(n1, n1, order)) ABORT;
if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
/* n2 = 1 + order */
if (!BN_add(n2, order, BN_value_one())) ABORT;
if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
/* n2 = (1 - order) * (1 + order) */
if (!BN_mul(n2, n1, n2, ctx)) ABORT;
if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
fprintf(stdout, "long/negative scalar tests ");
for (i = 1; i <= 2; i++)
{
const BIGNUM *scalars[6];
const EC_POINT *points[6];

fprintf(stdout, i == 1 ?
"allowing precomputation ... " :
"without precomputation ... ");
if (!BN_set_word(n1, i)) ABORT;
/* If i == 1, P will be the predefined generator for which
* EC_GROUP_precompute_mult has set up precomputation. */
if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) ABORT;

if (!BN_one(n1)) ABORT;
/* n1 = 1 - order */
if (!BN_sub(n1, n1, order)) ABORT;
if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;

/* n2 = 1 + order */
if (!BN_add(n2, order, BN_value_one())) ABORT;
if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;

/* n2 = (1 - order) * (1 + order) = 1 - order^2 */
if (!BN_mul(n2, n1, n2, ctx)) ABORT;
if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;

/* n2 = order^2 - 1 */
BN_set_negative(n2, 0);
if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
/* Add P to verify the result. */
if (!EC_POINT_add(group, Q, Q, P, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;

/* Exercise EC_POINTs_mul, including corner cases. */
scalars[0] = n1; points[0] = Q; /* => infinity */
scalars[1] = n2; points[1] = P; /* => -P */
scalars[2] = n1; points[2] = Q; /* => infinity */
scalars[3] = n2; points[3] = Q; /* => infinity */
scalars[4] = n1; points[4] = P; /* => P */
scalars[5] = n2; points[5] = Q; /* => infinity */
if (!EC_POINTs_mul(group, Q, NULL, 5, points, scalars, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
}
fprintf(stdout, "ok\n");

EC_POINT_free(P);
EC_POINT_free(Q);
BN_free(n1);
13 deps/openssl/openssl/test/heartbeat_test.c
View file
@@ -38,13 +38,17 @@
* http://mike-bland.com/tags/heartbleed.html
*/

#define OPENSSL_UNIT_TEST

#include "../test/testutil.h"

#include "../ssl/ssl_locl.h"
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_SYS_WINDOWS)
#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST)

/* As per https://tools.ietf.org/html/rfc6520#section-4 */
#define MIN_PADDING_SIZE 16
@@ -263,13 +267,10 @@ static int honest_payload_size(unsigned char payload_buf[])
}

#define SETUP_HEARTBEAT_TEST_FIXTURE(type)\
HEARTBEAT_TEST_FIXTURE fixture = set_up_##type(__func__);\
int result = 0
SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type)

#define EXECUTE_HEARTBEAT_TEST()\
if (execute_heartbeat(fixture) != 0) result = 1;\
tear_down(fixture);\
return result
EXECUTE_TEST(execute_heartbeat, tear_down)

static int test_dtls1_not_bleeding()
{
6 deps/openssl/openssl/test/ideatest.c
View file
@@ -199,10 +199,10 @@ static int cfb64_test(unsigned char *cfb_cipher)
}
memcpy(cfb_tmp,cfb_iv,8);
n=0;
idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)13,&eks,
cfb_tmp,&n,IDEA_DECRYPT);
idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
(long)CFB_TEST_SIZE-17,&dks,
idea_cfb64_encrypt(&(cfb_buf1[13]),&(cfb_buf2[13]),
(long)CFB_TEST_SIZE-13,&eks,
cfb_tmp,&n,IDEA_DECRYPT);
if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
{
116 deps/openssl/openssl/test/testutil.h
View file
@@ -0,0 +1,116 @@
/* test/testutil.h */
/*
* Utilities for writing OpenSSL unit tests.
*
* More information:
* http://wiki.openssl.org/index.php/How_To_Write_Unit_Tests_For_OpenSSL
*
* Author: Mike Bland (mbland@acm.org)
* Date: 2014-06-07
* ====================================================================
* Copyright (c) 2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/

#ifndef HEADER_TESTUTIL_H
#define HEADER_TESTUTIL_H

/* SETUP_TEST_FIXTURE and EXECUTE_TEST macros for test case functions.
*
* SETUP_TEST_FIXTURE will call set_up() to create a new TEST_FIXTURE_TYPE
* object called "fixture". It will also allocate the "result" variable used
* by EXECUTE_TEST. set_up() should take a const char* specifying the test
* case name and return a TEST_FIXTURE_TYPE by value.
*
* EXECUTE_TEST will pass fixture to execute_func() by value, call
* tear_down(), and return the result of execute_func(). execute_func() should
* take a TEST_FIXTURE_TYPE by value and return zero on success or one on
* failure.
*
* Unit tests can define their own SETUP_TEST_FIXTURE and EXECUTE_TEST
* variations like so:
*
* #define SETUP_FOOBAR_TEST_FIXTURE()\
* SETUP_TEST_FIXTURE(FOOBAR_TEST_FIXTURE, set_up_foobar)
*
* #define EXECUTE_FOOBAR_TEST()\
* EXECUTE_TEST(execute_foobar, tear_down_foobar)
*
* Then test case functions can take the form:
*
* static int test_foobar_feature()
* {
* SETUP_FOOBAR_TEST_FIXTURE();
* [...set individual members of fixture...]
* EXECUTE_FOOBAR_TEST();
* }
*/
#define SETUP_TEST_FIXTURE(TEST_FIXTURE_TYPE, set_up)\
TEST_FIXTURE_TYPE fixture = set_up(TEST_CASE_NAME);\
int result = 0

#define EXECUTE_TEST(execute_func, tear_down)\
if (execute_func(fixture) != 0) result = 1;\
tear_down(fixture);\
return result

/* TEST_CASE_NAME is defined as the name of the test case function where
* possible; otherwise we get by with the file name and line number.
*/
#if __STDC_VERSION__ < 199901L
#if defined(_MSC_VER)
#define TEST_CASE_NAME __FUNCTION__
#else
#define testutil_stringify_helper(s) #s
#define testutil_stringify(s) testutil_stringify_helper(s)
#define TEST_CASE_NAME __FILE__ ":" testutil_stringify(__LINE__)
#endif /* _MSC_VER */
#else
#define TEST_CASE_NAME __func__
#endif /* __STDC_VERSION__ */

#endif /* HEADER_TESTUTIL_H */
1 deps/openssl/openssl/util/mk1mf.pl
View file
@@ -1150,6 +1150,7 @@ sub read_options
"no-montasm" => 0,
"no-shared" => 0,
"no-store" => 0,
"no-unit-test" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
"fips" => \$fips
7 deps/openssl/openssl/util/mkdef.pl
View file
@@ -116,7 +116,9 @@
# Hide SSL internals
"SSL_INTERN",
# SCTP
"SCTP");
"SCTP",
# Unit testing
"UNIT_TEST");

my $options="";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
@@ -137,6 +139,7 @@
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
my $no_nextprotoneg; my $no_sctp;
my $no_unit_test;

my $fips;

@@ -235,6 +238,7 @@
elsif (/^no-jpake$/) { $no_jpake=1; }
elsif (/^no-srp$/) { $no_srp=1; }
elsif (/^no-sctp$/) { $no_sctp=1; }
elsif (/^no-unit-test$/){ $no_unit_test=1; }
}


@@ -1205,6 +1209,7 @@ sub is_valid
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
if ($keyword eq "SRP" && $no_srp) { return 0; }
if ($keyword eq "SCTP" && $no_sctp) { return 0; }
if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }

# Nothing recognise as true
4 deps/openssl/openssl/util/mkerr.pl
View file
@@ -787,15 +787,15 @@
push (@runref, $_) unless exists $urcodes{$_};
}

if($debug && defined(@funref) ) {
if($debug && @funref) {
print STDERR "The following function codes were not referenced:\n";
foreach(sort @funref)
{
print STDERR "$_\n";
}
}

if($debug && defined(@runref) ) {
if($debug && @runref) {
print STDERR "The following reason codes were not referenced:\n";
foreach(sort @runref)
{
1 deps/openssl/openssl/util/ssleay.num
View file
@@ -181,6 +181,7 @@ SSL_get_verify_depth 229 EXIST::FUNCTION:
SSL_CTX_set_session_id_context 231 EXIST::FUNCTION:
SSL_CTX_set_cert_verify_callback 232 EXIST:!VMS:FUNCTION:
SSL_CTX_set_cert_verify_cb 232 EXIST:VMS:FUNCTION:
SSL_test_functions 233 EXIST::FUNCTION:UNIT_TEST
SSL_CTX_set_default_passwd_cb_userdata 235 EXIST:!VMS:FUNCTION:
SSL_CTX_set_def_passwd_cb_ud 235 EXIST:VMS:FUNCTION:
SSL_set_purpose 236 EXIST::FUNCTION: