Nabble - OpenSSL - Dev

Bug in IBM contributed AES-CCM code (large AAD)

2009-12-20T13:50:38Z

I'll post a full patch at some point - but in the interim.
This isn't so much a bug as something I forgot to go back and fix when I
coded it originally.
CCM will fail with AAD > 0xff00 bytes as I forgot to add the formatting
bytes for the larger AAD's.
Note that it still hasn't been tested with AAD's > 2^32 bytes .

With normal use of CCM this was probably harmless, as it's typically used
with small packets.

--- openssl-0.9.8e.orig/crypto/aes/aes_ccm.c 2009-12-18
08:38:39.000000000 +1000
+++ openssl-0.9.8e/crypto/aes/aes_ccm.c 2009-12-18 10:29:51.000000000 +1000
@@ -180,7 +180,8 @@
unsigned int aadbytes = 0;
unsigned int offset = 0;
int outl = 0;
- unsigned int i,j;
+ unsigned int i,j,k;
+ int aadenc = 2;
#if defined(AES_CCM_DEBUG)
int b = 0; /* Index counters to aid formatting during debug */
int s = 0;
@@ -283,15 +284,22 @@
if(aad != NULL && aadlen > 0) {
if(aadlen < (0x10000L - 0x100L)) {
aadbytes = 2;
+ aadenc = 2;
} else if(aadlen <= 0xFFFFFFFF) {
aadbytes = 6;
+ aadenc = 4;
+ A0[0] = 0xff;
+ A0[1] = 0xfe;
} else {
aadbytes = 10;
+ aadenc = 8;
+ A0[0] = 0xff;
+ A0[1] = 0xff;
}
j = aadlen;
- for(i = aadbytes-1; i > 0; i--) {
- A0[i] = j & 0xff;
- j >>= 8;
+ for(i = 0, k = aadbytes-1; i < aadenc; i++,k--) {
+ A0[k] = j & 0xff;
+ j = j / 256;
}
/* Now roll through the aad ? */
}
@@ -364,7 +372,7 @@
/* AES_encrypt(CTR,A0,akey); */
EVP_EncryptUpdate(ctx,A0,&outl,CTR,AES_BLOCK_SIZE);
printbinCTR("S",&s,A0,AES_BLOCK_SIZE);
- /* Increment the ounter */
+ /* Increment the counter */
AES_CCM_inc(CTR,q);

/* XOR the encrypted counter with the incoming data */

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: [openssl.org #1794] [PATCH] SRP ciphersuites in 1.0.1 and 1.1.0 (updated)

2009-12-18T13:32:03Z

Wow,

You keep updating and submitting these patches. I hope you find a
core-team commit in your christmas stocking, finally :)

/r$

--
STSM, WebSphere Appliance Architect
https://www.ibm.com/developerworks/mydeveloperworks/blogs/soma/

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #1794] [PATCH] SRP ciphersuites in 1.0.1 and 1.1.0 (updated)

2009-12-18T13:07:39Z

This patch adds full RFC 5054 support in OpenSSL 1.0.1 and 1.1.0, and
has been updated to apply cleanly to the 20091218 dev snapshot. This
version of the patch supercedes the earlier patches submitted under this
ticket. Please let me know what the next steps are for the integration
of this patch into OpenSSL 1.0.1 and 1.1.0.

Thanks,
Tom

diff -ruN openssl-SNAP-20091218-orig/apps/demoSRP/srp_verifier.txt openssl-SNAP-20091218-srp/apps/demoSRP/srp_verifier.txt
--- openssl-SNAP-20091218-orig/apps/demoSRP/srp_verifier.txt 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/demoSRP/srp_verifier.txt 2009-12-18 20:33:29.000000000 +0000
@@ -0,0 +1,6 @@
+# This is a file that will be filled by the openssl srp routine.
+# You can initialize the file with additional groups, these are
+# records starting with a I followed by the g and N values and the id.
+# The exact values ... you have to dig this out from the source of srp.c
+# or srp_vfy.c
+# The last value of an I is used as the default group for new users.
diff -ruN openssl-SNAP-20091218-orig/apps/demoSRP/srp_verifier.txt.attr openssl-SNAP-20091218-srp/apps/demoSRP/srp_verifier.txt.attr
--- openssl-SNAP-20091218-orig/apps/demoSRP/srp_verifier.txt.attr 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/demoSRP/srp_verifier.txt.attr 2009-12-18 20:33:29.000000000 +0000
@@ -0,0 +1 @@
+unique_subject = yes
diff -ruN openssl-SNAP-20091218-orig/apps/Makefile openssl-SNAP-20091218-srp/apps/Makefile
--- openssl-SNAP-20091218-orig/apps/Makefile 2009-10-15 18:00:13.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/Makefile 2009-12-18 20:33:29.000000000 +0000
@@ -39,7 +39,7 @@
ca crl rsa rsautl dsa dsaparam ec ecparam \
x509 genrsa gendsa genpkey s_server s_client speed \
s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
- pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts
+ pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp

PROGS= $(PROGRAM).c

@@ -56,7 +56,7 @@
x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
- spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o
+ spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o

E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
pkcs7.c crl2p7.c crl.c \
@@ -64,7 +64,7 @@
x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
- spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c
+ spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c

SRC=$(E_SRC)

diff -ruN openssl-SNAP-20091218-orig/apps/progs.h openssl-SNAP-20091218-srp/apps/progs.h
--- openssl-SNAP-20091218-orig/apps/progs.h 2009-06-30 16:00:19.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/progs.h 2009-12-18 20:33:29.000000000 +0000
@@ -44,6 +44,7 @@
extern int rand_main(int argc,char *argv[]);
extern int engine_main(int argc,char *argv[]);
extern int ocsp_main(int argc,char *argv[]);
+extern int srp_main(int argc,char *argv[]);
extern int prime_main(int argc,char *argv[]);
extern int ts_main(int argc,char *argv[]);

@@ -145,6 +146,9 @@
#ifndef OPENSSL_NO_OCSP
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
#endif
+#ifndef OPENSSL_NO_SRP
+ {FUNC_TYPE_GENERAL,"srp",srp_main},
+#endif
{FUNC_TYPE_GENERAL,"prime",prime_main},
{FUNC_TYPE_GENERAL,"ts",ts_main},
#ifndef OPENSSL_NO_MD2
diff -ruN openssl-SNAP-20091218-orig/apps/s_client.c openssl-SNAP-20091218-srp/apps/s_client.c
--- openssl-SNAP-20091218-orig/apps/s_client.c 2009-12-16 21:00:16.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/s_client.c 2009-12-18 20:33:29.000000000 +0000
@@ -163,6 +163,9 @@
#include <openssl/rand.h>
#include <openssl/ocsp.h>
#include <openssl/bn.h>
+#ifndef OPENSSL_NO_SRP
+#include <openssl/srp.h>
+#endif
#include "s_apps.h"
#include "timeouts.h"

@@ -316,6 +319,13 @@
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
+#ifndef OPENSSL_NO_SRP
+ BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n");
+ BIO_printf(bio_err," -srppass arg - password for 'user'\n");
+ BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n");
+ BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n");
+ BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
+#endif
BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n");
@@ -367,6 +377,112 @@

return SSL_TLSEXT_ERR_OK;
}
+
+#ifndef OPENSSL_NO_SRP
+
+/* This is a context that we pass to all callbacks */
+typedef struct srp_arg_st
+ {
+ char *srppassin;
+ char *srplogin;
+ int msg; /* copy from c_msg */
+ int debug; /* copy from c_debug */
+ int amp; /* allow more groups */
+ int strength /* minimal size for N */ ;
+ } SRP_ARG;
+
+#define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
+
+int SRP_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
+ {
+ BN_CTX *bn_ctx = BN_CTX_new();
+ BIGNUM *p = BN_new();
+ BIGNUM *r = BN_new();
+ int ret =
+ g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
+ BN_is_prime(N,SRP_NUMBER_ITERATIONS_FOR_PRIME,NULL,bn_ctx,NULL) &&
+ p != NULL && BN_rshift1(p, N) &&
+
+ /* p = (N-1)/2 */
+ BN_is_prime(p,SRP_NUMBER_ITERATIONS_FOR_PRIME,NULL,bn_ctx,NULL) &&
+ r != NULL &&
+
+ /* verify g^((N-1)/2) == -1 (mod N) */
+ BN_mod_exp(r, g, p, N, bn_ctx) &&
+ BN_add_word(r, 1) &&
+ BN_cmp(r, N) == 0;
+
+ if(r)
+ BN_free(r);
+ if(p)
+ BN_free(p);
+ if(bn_ctx)
+ BN_CTX_free(bn_ctx);
+ return ret;
+ }
+
+static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
+ {
+ SRP_ARG *srp_arg = (SRP_ARG *)arg;
+ BIGNUM *N = NULL, *g = NULL;
+ if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
+ return 0;
+ if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1)
+ {
+ BIO_printf(bio_err, "SRP parameters:\n");
+ BIO_printf(bio_err,"\tN="); BN_print(bio_err,N);
+ BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g);
+ BIO_printf(bio_err,"\n");
+ }
+
+ if (SRP_check_known_gN_param(g,N))
+ return 1;
+
+ if (srp_arg->amp == 1)
+ {
+ if (srp_arg->debug)
+ BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n");
+
+/* The srp_moregroups must be used with caution, testing primes costs time.
+ Implementors should rather add the value to the known ones.
+ The minimal size has already been tested.
+*/
+ if (BN_num_bits(g) <= BN_BITS && SRP_Verify_N_and_g(N,g))
+ return 1;
+ }
+ BIO_printf(bio_err, "SRP param N and g rejected.\n");
+ return 0;
+ }
+
+#define PWD_STRLEN 1024
+
+static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+ {
+ SRP_ARG *srp_arg = (SRP_ARG *)arg;
+ char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1);
+ PW_CB_DATA cb_tmp;
+ int l;
+
+ cb_tmp.password = (char *)srp_arg->srppassin;
+ cb_tmp.prompt_info = "SRP user";
+ if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0)
+ {
+ BIO_printf (bio_err, "Can't read Password\n");
+ OPENSSL_free(pass);
+ return NULL;
+ }
+ *(pass+l)= '\0';
+
+ return pass;
+ }
+
+static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg)
+ {
+ SRP_ARG *srp_arg = (SRP_ARG *)arg;
+ return BUF_strdup(srp_arg->srplogin);
+ }
+
+#endif
#endif

enum
@@ -440,6 +556,11 @@
#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ char * srppass = NULL;
+ int srp_lateuser = 0;
+ SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
+#endif

#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
@@ -589,6 +710,37 @@
}
}
#endif
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv,"-srpuser") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_arg.srplogin= *(++argv);
+ meth=TLSv1_client_method();
+ }
+ else if (strcmp(*argv,"-srppass") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srppass= *(++argv);
+ meth=TLSv1_client_method();
+ }
+ else if (strcmp(*argv,"-srp_strength") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_arg.strength=atoi(*(++argv));
+ BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength);
+ meth=TLSv1_client_method();
+ }
+ else if (strcmp(*argv,"-srp_lateuser") == 0)
+ {
+ srp_lateuser= 1;
+ meth=TLSv1_client_method();
+ }
+ else if (strcmp(*argv,"-srp_moregroups") == 0)
+ {
+ srp_arg.amp=1;
+ meth=TLSv1_client_method();
+ }
+#endif
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv,"-ssl2") == 0)
meth=SSLv2_client_method();
@@ -840,6 +992,14 @@
}
}

+#ifndef OPENSSL_NO_SRP
+ if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL))
+ {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+#endif
+
ctx=SSL_CTX_new(meth);
if (ctx == NULL)
{
@@ -919,6 +1079,26 @@
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
+#ifndef OPENSSL_NO_SRP
+ if (srp_arg.srplogin)
+ {
+ if (srp_lateuser)
+ SSL_CTX_set_srp_missing_srp_username_callback(ctx,missing_srp_username_callback);
+ else if (!SSL_CTX_set_srp_username(ctx, srp_arg.srplogin))
+ {
+ BIO_printf(bio_err,"Unable to set SRP username\n");
+ goto end;
+ }
+ srp_arg.msg = c_msg;
+ srp_arg.debug = c_debug ;
+ SSL_CTX_set_srp_cb_arg(ctx,&srp_arg);
+ SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
+ SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
+ if (c_msg || c_debug || srp_arg.amp == 0)
+ SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb);
+ }
+
+#endif
#endif

con=SSL_new(ctx);
diff -ruN openssl-SNAP-20091218-orig/apps/srp.c openssl-SNAP-20091218-srp/apps/srp.c
--- openssl-SNAP-20091218-orig/apps/srp.c 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/srp.c 2009-12-18 20:33:29.000000000 +0000
@@ -0,0 +1,753 @@
+/* apps/srp.c */
+/* Written by Peter Sylvester (peter.sylvester@...)
+ * for the EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@....
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@...). This product includes software written by Tim
+ * Hudson (tjh@...).
+ *
+ */
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_NO_SRP
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/conf.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/txt_db.h>
+#include <openssl/buffer.h>
+#include <openssl/srp.h>
+
+#include "apps.h"
+
+#undef PROG
+#define PROG srp_main
+
+#define BASE_SECTION "srp"
+#define CONFIG_FILE "openssl.cnf"
+
+#define ENV_RANDFILE "RANDFILE"
+
+#define ENV_DATABASE "srpvfile"
+#define ENV_DEFAULT_SRP "default_srp"
+
+static char *srp_usage[]={
+"usage: srp [args] [user] \n",
+"\n",
+" -verbose Talk alot while doing things\n",
+" -config file A config file\n",
+" -name arg The particular srp definition to use\n",
+" -srpvfile arg The srp verifier file name\n",
+" -add add an user and srp verifier\n",
+" -modify modify the srp verifier of an existing user\n",
+" -delete delete user from verifier file\n",
+" -list list user\n",
+" -gn arg g and N values to be used for new verifier\n",
+" -userinfo arg additional info to be set for user\n",
+" -passin arg input file pass phrase source\n",
+" -passout arg output file pass phrase source\n",
+#ifndef OPENSSL_NO_ENGINE
+" -engine e - use engine e, possibly a hardware device.\n",
+#endif
+NULL
+};
+
+#ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+#endif
+
+static CONF *conf=NULL;
+static char *section=NULL;
+
+#define VERBOSE if (verbose)
+#define VVERBOSE if (verbose>1)
+
+
+int MAIN(int, char **);
+
+int get_index(CA_DB *db, char* id, char type)
+ {
+ char ** pp;
+ int i;
+ if (id == NULL) return -1;
+ if (type == DB_SRP_INDEX)
+ for (i = 0; i < sk_num(db->db->data); i++)
+ {
+ pp=(char **)sk_value(db->db->data,i);
+ if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
+ return i;
+ }
+ else for (i = 0; i < sk_num(db->db->data); i++)
+ {
+ pp=(char **)sk_value(db->db->data,i);
+
+ if (pp[DB_srptype][0] != DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
+ return i;
+ }
+
+ return -1 ;
+ }
+
+void print_entry(CA_DB *db, BIO * bio, int index,int verbose, char * s)
+ {
+ if (index >= 0 && verbose)
+ {
+ int j;
+ char ** pp=(char **)sk_value(db->db->data,index);
+ BIO_printf(bio,"%s \"%s\"\n",s,pp[DB_srpid]);
+ for (j = 0; j < DB_NUMBER; j++)
+ {
+ BIO_printf(bio_err," %d = \"%s\"\n",j,pp[j]);
+ }
+ }
+ }
+
+void print_index(CA_DB *db, BIO * bio, int indexindex,int verbose)
+ {
+ print_entry(db,bio,indexindex, verbose, "g N entry") ;
+ }
+
+void print_user(CA_DB *db, BIO * bio, int userindex,int verbose)
+ {
+ if (verbose > 0)
+ {
+ char ** pp= (char **)sk_value(db->db->data,userindex);
+
+ if (pp[DB_srptype][0] != 'I')
+ {
+ print_entry(db,bio,userindex, verbose, "User entry");
+ print_entry(db,bio,get_index(db, pp[DB_srpgN],'I'),verbose,"g N entry") ;
+ }
+
+ }
+ }
+
+int update_index(CA_DB *db, BIO * bio, char ** row)
+ {
+ char ** irow;
+ int i;
+
+ if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
+ {
+ BIO_printf(bio_err,"Memory allocation failure\n");
+ return 0;
+ }
+
+ for (i=0; i<DB_NUMBER; i++)
+ {
+ irow[i]=row[i];
+ row[i]=NULL;
+ }
+ irow[DB_NUMBER]=NULL;
+
+ if (!TXT_DB_insert(db->db,irow))
+ {
+ BIO_printf(bio,"failed to update srpvfile\n");
+ BIO_printf(bio,"TXT_DB error number %ld\n",db->db->error);
+ OPENSSL_free(irow);
+ return 0;
+ }
+ return 1;
+ }
+
+static void lookup_fail(char *name, char *tag)
+ {
+ BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
+ }
+
+
+char * srp_verify_user(char * user,char * srp_verifier, char * srp_usersalt,char * g, char * N, char * passin, BIO *bio, int verbose)
+ {
+ char password[1024];
+ PW_CB_DATA cb_tmp;
+ char *verifier = NULL;
+ char *gNid = NULL;
+ cb_tmp.prompt_info = user;
+ cb_tmp.password = passin;
+
+ if (password_callback(password,1024,0,&cb_tmp) >0)
+ {
+ VERBOSE BIO_printf(bio,"Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,srp_verifier,srp_usersalt,g,N);
+BIO_printf(bio,"Pass %s\n",password);
+
+ if (!(gNid=SRP_create_verifier(user, password, &srp_usersalt, &verifier, N, g)))
+ {
+ BIO_printf(bio,"Internal error validating SRP verifier\n");
+ }
+ else
+ {
+ if (strcmp(verifier,srp_verifier))
+ gNid = NULL;
+ OPENSSL_free(verifier);
+ }
+ }
+ return gNid;
+ }
+
+char * srp_create_user(char * user,char **srp_verifier, char **srp_usersalt,char *g, char *N, char *passout, BIO *bio, int verbose)
+ {
+ char password[1024];
+ PW_CB_DATA cb_tmp;
+ char *gNid = NULL;
+ char *salt = NULL;
+ cb_tmp.prompt_info = user;
+ cb_tmp.password = passout;
+
+ if (password_callback(password,1024,1,&cb_tmp) >0)
+ {
+ VERBOSE BIO_printf(bio,"Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,g,N);
+ if (!(gNid =SRP_create_verifier(user, password, &salt, srp_verifier, N, g)))
+ {
+ BIO_printf(bio,"Internal error creating SRP verifier\n");
+ }
+ else
+ *srp_usersalt = salt;
+ VVERBOSE BIO_printf(bio,"gNid=%s salt =\"%s\"\n verifier =\"%s\"\n", gNid,salt, *srp_verifier);
+
+ }
+ return gNid;
+ }
+
+int MAIN(int argc, char **argv)
+ {
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE *e = NULL;
+#endif
+ int add_user = 0;
+ int list_user= 0;
+ int delete_user= 0;
+ int modify_user= 0;
+ char * user = NULL;
+
+ char *passargin = NULL, *passargout = NULL;
+ char *passin = NULL, *passout = NULL;
+ char * gN = NULL;
+ int gNindex = -1;
+ char ** gNrow = NULL;
+ int maxgN = -1;
+
+ char * userinfo = NULL;
+
+ int badops=0;
+ int ret=1;
+ int errors=0;
+ int verbose=0;
+ int doupdatedb=0;
+ char *configfile=NULL;
+ char *dbfile=NULL;
+ CA_DB *db=NULL;
+ char **pp ;
+ int i;
+ long errorline = -1;
+ char *randfile=NULL;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
+ char *tofree=NULL;
+ DB_ATTR db_attr;
+
+#ifdef EFENCE
+EF_PROTECT_FREE=1;
+EF_PROTECT_BELOW=1;
+EF_ALIGNMENT=0;
+#endif
+
+ apps_startup();
+
+ conf = NULL;
+ section = NULL;
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ argc--;
+ argv++;
+ while (argc >= 1 && badops == 0)
+ {
+ if (strcmp(*argv,"-verbose") == 0)
+ verbose++;
+ else if (strcmp(*argv,"-config") == 0)
+ {
+ if (--argc < 1) goto bad;
+ configfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-name") == 0)
+ {
+ if (--argc < 1) goto bad;
+ section= *(++argv);
+ }
+ else if (strcmp(*argv,"-srpvfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ dbfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-add") == 0)
+ add_user=1;
+ else if (strcmp(*argv,"-delete") == 0)
+ delete_user=1;
+ else if (strcmp(*argv,"-modify") == 0)
+ modify_user=1;
+ else if (strcmp(*argv,"-list") == 0)
+ list_user=1;
+ else if (strcmp(*argv,"-gn") == 0)
+ {
+ if (--argc < 1) goto bad;
+ gN= *(++argv);
+ }
+ else if (strcmp(*argv,"-userinfo") == 0)
+ {
+ if (--argc < 1) goto bad;
+ userinfo= *(++argv);
+ }
+ else if (strcmp(*argv,"-passin") == 0)
+ {
+ if (--argc < 1) goto bad;
+ passargin= *(++argv);
+ }
+ else if (strcmp(*argv,"-passout") == 0)
+ {
+ if (--argc < 1) goto bad;
+ passargout= *(++argv);
+ }
+#ifndef OPENSSL_NO_ENGINE
+ else if (strcmp(*argv,"-engine") == 0)
+ {
+ if (--argc < 1) goto bad;
+ engine= *(++argv);
+ }
+#endif
+
+ else if (**argv == '-')
+ {
+bad:
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ else
+ break;
+
+ argc--;
+ argv++;
+ }
+
+ if (dbfile && configfile)
+ {
+ BIO_printf(bio_err,"-dbfile and -configfile cannot be specified together.\n");
+ badops = 1;
+ }
+ if (add_user+delete_user+modify_user+list_user != 1)
+ {
+ BIO_printf(bio_err,"Exactly one of the options -add, -delete, -modify -list must be specified.\n");
+ badops = 1;
+ }
+ if (delete_user+modify_user+delete_user== 1 && argc <= 0)
+ {
+ BIO_printf(bio_err,"Need at least one user for options -add, -delete, -modify. \n");
+ badops = 1;
+ }
+ if ((passin || passout) && argc != 1 )
+ {
+ BIO_printf(bio_err,"-passin, -passout arguments only valid with one user.\n");
+ badops = 1;
+ }
+
+ if (badops)
+ {
+ for (pp=srp_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,"%s",*pp);
+
+ BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+ BIO_printf(bio_err," load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto err;
+ }
+
+ ERR_load_crypto_strings();
+
+#ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine, 0);
+#endif
+
+ if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
+ {
+ BIO_printf(bio_err, "Error getting passwords\n");
+ goto err;
+ }
+
+ if (!dbfile)
+ {
+
+
+ /*****************************************************************/
+ tofree=NULL;
+ if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
+ if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
+ if (configfile == NULL)
+ {
+ const char *s=X509_get_default_cert_area();
+ size_t len;
+
+#ifdef OPENSSL_SYS_VMS
+ len = strlen(s)+sizeof(CONFIG_FILE);
+ tofree=OPENSSL_malloc(len);
+ strcpy(tofree,s);
+#else
+ len = strlen(s)+sizeof(CONFIG_FILE)+1;
+ tofree=OPENSSL_malloc(len);
+ BUF_strlcpy(tofree,s,len);
+ BUF_strlcat(tofree,"/",len);
+#endif
+ BUF_strlcat(tofree,CONFIG_FILE,len);
+ configfile=tofree;
+ }
+
+ VERBOSE BIO_printf(bio_err,"Using configuration from %s\n",configfile);
+ conf = NCONF_new(NULL);
+ if (NCONF_load(conf,configfile,&errorline) <= 0)
+ {
+ if (errorline <= 0)
+ BIO_printf(bio_err,"error loading the config file '%s'\n",
+ configfile);
+ else
+ BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
+ ,errorline,configfile);
+ goto err;
+ }
+ if(tofree)
+ {
+ OPENSSL_free(tofree);
+ tofree = NULL;
+ }
+
+ if (!load_config(bio_err, conf))
+ goto err;
+
+ /* Lets get the config section we are using */
+ if (section == NULL)
+ {
+ VERBOSE BIO_printf(bio_err,"trying to read " ENV_DEFAULT_SRP " in \" BASE_SECTION \"\n");
+
+ section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_SRP);
+ if (section == NULL)
+ {
+ lookup_fail(BASE_SECTION,ENV_DEFAULT_SRP);
+ goto err;
+ }
+ }
+
+ if (randfile == NULL && conf)
+ randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
+
+
+ VERBOSE BIO_printf(bio_err,"trying to read " ENV_DATABASE " in section \"%s\"\n",section);
+
+ if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
+ {
+ lookup_fail(section,ENV_DATABASE);
+ goto err;
+ }
+
+ }
+ if (randfile == NULL)
+ ERR_clear_error();
+ else
+ app_RAND_load_file(randfile, bio_err, 0);
+
+ VERBOSE BIO_printf(bio_err,"Trying to read SRP verifier file \"%s\"\n",dbfile);
+
+ db = load_index(dbfile, &db_attr);
+ if (db == NULL) goto err;
+
+ /* Lets check some fields */
+ for (i=0; i<sk_num(db->db->data); i++)
+ {
+ pp=(char **)sk_value(db->db->data,i);
+
+ if (pp[DB_srptype][0] == DB_SRP_INDEX)
+ {
+ maxgN = i;
+ if (gNindex < 0 && gN != NULL && !strcmp(gN,pp[DB_srpid]))
+ gNindex = i;
+
+ print_index(db,bio_err,i,verbose>1) ;
+ }
+ }
+
+ VERBOSE BIO_printf(bio_err,"Database initialised\n");
+
+ if (gNindex >= 0)
+ {
+ gNrow=(char **)sk_value(db->db->data,gNindex);
+ print_entry(db,bio_err,gNindex,verbose>1,"Default g and N") ;
+ }
+ else if (maxgN > 0 && !SRP_get_default_gN(gN))
+ {
+ BIO_printf(bio_err,"No g and N value for index \"%s\"\n",gN);
+ goto err;
+ }
+ else
+ {
+ VERBOSE BIO_printf(bio_err,"Database has no g N information.\n");
+ gNrow = NULL;
+ }
+
+
+ VVERBOSE BIO_printf(bio_err,"Starting user processing\n");
+
+ if (argc > 0)
+ user = *(argv++) ;
+
+ while (list_user || user)
+ {
+ int userindex = -1;
+ if (user)
+ VVERBOSE BIO_printf(bio_err,"Processing user \"%s\"\n",user);
+ if ((userindex = get_index(db, user, 'U')) >= 0)
+ {
+ print_user(db,bio_err,userindex,(verbose >0) || list_user) ;
+ }
+
+ if (list_user)
+ {
+ if (user == NULL)
+ {
+ BIO_printf(bio_err,"List all users\n");
+
+ for (i=0; i<sk_num(db->db->data); i++)
+ {
+ print_user(db,bio_err,i,1) ;
+ }
+ list_user = 0;
+ }
+ else if (userindex < 0)
+ {
+ BIO_printf(bio_err,"user \"%s\" does not exist, ignored. t\n",user);
+ errors++;
+ }
+ }
+ else if (add_user)
+ {
+ if (userindex>=0)
+ {
+ /* reactivation of a new user */
+ char ** row= (char **)sk_value(db->db->data,userindex);
+ BIO_printf(bio_err,"user \"%s\" reactivated.\n",user);
+ row[DB_srptype][0] = 'V' ;
+
+ doupdatedb = 1;
+ }
+ else
+ {
+ char *row[DB_NUMBER] ; char * gNid;
+ row[DB_srpverifier] = NULL;
+ row[DB_srpsalt] = NULL;
+ row[DB_srpinfo] = NULL;
+ if (!(gNid = srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:gN,gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
+ {
+ BIO_printf(bio_err,"Cannot create srp verifier for user \"%s\", operation abandoned .\n",user);
+ errors++ ;
+ goto err;
+ }
+ row[DB_srpid] = BUF_strdup(user);
+ row[DB_srptype] = BUF_strdup("v");
+ row[DB_srpgN] = BUF_strdup(gNid);
+
+ if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] ||
+ (userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))) ||
+ !update_index(db, bio_err, row))
+ {
+ if (row[DB_srpid]) OPENSSL_free(row[DB_srpid]);
+ if (row[DB_srpgN]) OPENSSL_free(row[DB_srpgN]);
+ if (row[DB_srpinfo]) OPENSSL_free(row[DB_srpinfo]);
+ if (row[DB_srptype]) OPENSSL_free(row[DB_srptype]);
+ if (row[DB_srpverifier]) OPENSSL_free(row[DB_srpverifier]);
+ if (row[DB_srpsalt]) OPENSSL_free(row[DB_srpsalt]);
+ goto err;
+ }
+ doupdatedb = 1;
+ }
+ }
+ else if (modify_user)
+ {
+ if (userindex<0)
+ {
+ BIO_printf(bio_err,"user \"%s\" does not exist, operation ignored.\n",user);
+ errors++ ;
+ }
+ else
+ {
+
+ char ** row=(char **)sk_value(db->db->data,userindex);
+ char type = row[DB_srptype][0] ;
+ if (type == 'v')
+ {
+ BIO_printf(bio_err,"user \"%s\" already updated, operation ignored.\n",user);
+ errors++ ;
+ }
+ else
+ {
+ char * gNid ;
+
+ if (row[DB_srptype][0] == 'V')
+ {
+ int user_gN ;
+ char ** irow = NULL;
+ VERBOSE BIO_printf(bio_err,"Verifying password for user \"%s\"\n",user);
+ if ( (user_gN = get_index(db, row[DB_srpgN],DB_SRP_INDEX)) >= 0)
+ irow=(char **)sk_value(db->db->data,userindex);
+
+ if (!srp_verify_user(user,row[DB_srpverifier], row[DB_srpsalt],irow?irow[DB_srpsalt]:row[DB_srpgN], irow?irow[DB_srpverifier]:NULL, passin, bio_err,verbose))
+ {
+ BIO_printf(bio_err,"Invalid password for user \"%s\", operation abandoned.\n",user);
+ errors++ ;
+ goto err;
+ }
+ }
+ VERBOSE BIO_printf(bio_err,"Password for user \"%s\" ok.\n",user);
+
+ if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
+ {
+ BIO_printf(bio_err,"Cannot create srp verifier for user \"%s\", operation abandonned .\n");
+ errors++ ;
+ goto err;
+ }
+
+ row[DB_srptype][0] = 'v';
+ row[DB_srpgN] = BUF_strdup(gNid);
+
+ if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] ||
+ (userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))))
+ goto err;
+
+ doupdatedb = 1;
+ }
+ }
+ }
+ else if (delete_user)
+ {
+ if (userindex<0)
+ {
+ BIO_printf(bio_err,"user \"%s\" does not exist, operation ignored. t\n",user);
+ errors++;
+ }
+ else
+ {
+ char ** pp= (char **)sk_value(db->db->data,userindex);
+ BIO_printf(bio_err,"user \"%s\" revoked. t\n",user);
+
+ pp[DB_srptype][0] = 'R' ;
+
+ doupdatedb = 1;
+ }
+ }
+ if (--argc > 0)
+ user = *(argv++) ;
+ else
+ {
+ user = NULL;
+ list_user = 0;
+ }
+ }
+
+ VERBOSE BIO_printf(bio_err,"User procession done.\n");
+
+
+ if (doupdatedb)
+ {
+ /* Lets check some fields */
+ for (i=0; i<sk_num(db->db->data); i++)
+ {
+ pp=(char **)sk_value(db->db->data,i);
+
+ if (pp[DB_srptype][0] == 'v')
+ {
+ pp[DB_srptype][0] = 'V';
+ print_user(db,bio_err,i,verbose) ;
+ }
+ }
+
+ VERBOSE BIO_printf(bio_err,"Trying to update srpvfile.\n");
+ if (!save_index(dbfile,"new",db)) goto err;
+
+ VERBOSE BIO_printf(bio_err,"Temporary srpvfile created.\n");
+ if (!rotate_index(dbfile,"new","old")) goto err;
+
+ VERBOSE BIO_printf(bio_err,"srpvfile updated.\n");
+ }
+
+ ret = (errors != 0);
+err:
+ if (errors != 0)
+ VERBOSE BIO_printf(bio_err,"User errors %d.\n",errors);
+
+ VERBOSE BIO_printf(bio_err,"SRP terminating with code %d.\n",ret);
+ if(tofree)
+ OPENSSL_free(tofree);
+ if (ret) ERR_print_errors(bio_err);
+ if (randfile) app_RAND_write_file(randfile, bio_err);
+ if (conf) NCONF_free(conf);
+ if (db) free_index(db);
+
+ OBJ_cleanup();
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
+ }
+
+
+
+#endif
+
diff -ruN openssl-SNAP-20091218-orig/apps/s_server.c openssl-SNAP-20091218-srp/apps/s_server.c
--- openssl-SNAP-20091218-orig/apps/s_server.c 2009-12-08 14:00:08.000000000 +0000
+++ openssl-SNAP-20091218-srp/apps/s_server.c 2009-12-18 20:33:29.000000000 +0000
@@ -186,6 +186,9 @@
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
+#ifndef OPENSSL_NO_SRP
+#include <openssl/srp.h>
+#endif
#include "s_apps.h"
#include "timeouts.h"

@@ -369,6 +372,39 @@
}
#endif

+#ifndef OPENSSL_NO_SRP
+/* This is a context that we pass to callbacks */
+typedef struct srpsrvparm_st
+ {
+ int verbose;
+ char *login;
+ SRP_VBASE *vb;
+ } srpsrvparm;
+
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+ {
+ srpsrvparm * p = (srpsrvparm *) arg;
+ SRP_user_pwd *user;
+
+ p->login = BUF_strdup(SSL_get_srp_username(s));
+ BIO_printf(bio_err,"SRP username = \"%s\"\n",p->login);
+
+ user = SRP_VBASE_get_by_user(p->vb,p->login);
+ if (user == NULL)
+ {
+ BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
+ return SSL3_AL_FATAL;
+ }
+ if (SSL_set_srp_server_param(s,user->N,user->g,user->s,user->v, user->info)<0)
+ {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ return SSL3_AL_FATAL;
+ }
+ return SSL_ERROR_NONE;
+ }
+
+#endif
+
#ifdef MONOLITH
static void s_server_init(void)
{
@@ -456,6 +492,10 @@
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
+#ifndef OPENSSL_NO_SRP
+ BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n");
+ BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
+#endif
BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
BIO_printf(bio_err," -tls1_1 - Just talk TLSv1_1\n");
@@ -874,12 +914,21 @@
/* by default do not send a PSK identity hint */
static char *psk_identity_hint=NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ char * srpuserseed = NULL;
+ char * srp_verifier_file = NULL;
+ srpsrvparm p;
+#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_server_method();
#elif !defined(OPENSSL_NO_SSL3)
meth=SSLv3_server_method();
#elif !defined(OPENSSL_NO_SSL2)
meth=SSLv2_server_method();
+#elif !defined(OPENSSL_NO_TLS1)
+ meth=TLSv1_server_method();
+#else
+ /* #error no SSL version enabled */
#endif

local_argc=argc;
@@ -1112,6 +1161,20 @@
}
}
#endif
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv,"-srpvfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_verifier_file= *(++argv);
+ meth=TLSv1_server_method();
+ }
+ else if (strcmp(*argv,"-srpuserseed") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srpuserseed= *(++argv);
+ meth=TLSv1_server_method();
+ }
+#endif
else if (strcmp(*argv,"-www") == 0)
{ www=1; }
else if (strcmp(*argv,"-WWW") == 0)
@@ -1690,6 +1753,21 @@
}
#endif

+#ifndef OPENSSL_NO_SRP
+ if (srp_verifier_file != NULL)
+ {
+ p.vb = SRP_VBASE_new(srpuserseed);
+ if ((ret = SRP_VBASE_init(p.vb, srp_verifier_file)) != SRP_NO_ERROR)
+ {
+ BIO_printf(bio_err,"Cannot initialize SRP verifier file \"%s\":ret=%d\n",srp_verifier_file,ret);
+ goto end;
+ }
+ SSL_CTX_set_verify(ctx,SSL_VERIFY_NONE,verify_callback);
+ SSL_CTX_set_srp_cb_arg(ctx, &p);
+ SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
+ }
+ else
+#endif
if (CAfile != NULL)
{
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
diff -ruN openssl-SNAP-20091218-orig/Configure openssl-SNAP-20091218-srp/Configure
--- openssl-SNAP-20091218-orig/Configure 2009-12-09 16:00:20.000000000 +0000
+++ openssl-SNAP-20091218-srp/Configure 2009-12-18 20:33:29.000000000 +0000
@@ -943,6 +943,12 @@
$disabled{"gost"} = "forced";
}

+# SRP requires TLSEXT
+if (defined($disabled{"tlsext"}))
+ {
+ $disabled{"srp"} = "forced";
+ }
+
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/Makefile openssl-SNAP-20091218-srp/crypto/srp/Makefile
--- openssl-SNAP-20091218-orig/crypto/srp/Makefile 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/Makefile 2009-12-18 20:33:29.000000000 +0000
@@ -0,0 +1,91 @@
+DIR= srp
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR= /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPPROG= makedepend
+MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=srptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=srp_lib.c srp_vfy.c
+LIBOBJ=srp_lib.o srp_vfy.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= srp.h
+HEADER= $(EXHEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+ @touch lib
+
+links:
+ @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+srptest: top srptest.c $(LIB)
+ $(CC) $(CFLAGS) -Wall -Werror -g -o srptest srptest.c $(LIB)
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+srp_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+srp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+srp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+srp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+srp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
+srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c
+srp_vfy.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+srp_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+srp_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+srp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+srp_vfy.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+srp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
+srp_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+srp_vfy.o: ../../include/openssl/txt_db.h ../cryptlib.h srp_lcl.h srp_vfy.c
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/srp_grps.h openssl-SNAP-20091218-srp/crypto/srp/srp_grps.h
--- openssl-SNAP-20091218-orig/crypto/srp/srp_grps.h 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/srp_grps.h 2009-12-18 20:33:29.000000000 +0000
@@ -0,0 +1,517 @@
+/* start of generated data */
+
+static BN_ULONG bn_group_1024_value[] = {
+ bn_pack4(9FC6,1D2F,C0EB,06E3),
+ bn_pack4(FD51,38FE,8376,435B),
+ bn_pack4(2FD4,CBF4,976E,AA9A),
+ bn_pack4(68ED,BC3C,0572,6CC0),
+ bn_pack4(C529,F566,660E,57EC),
+ bn_pack4(8255,9B29,7BCF,1885),
+ bn_pack4(CE8E,F4AD,69B1,5D49),
+ bn_pack4(5DC7,D7B4,6154,D6B6),
+ bn_pack4(8E49,5C1D,6089,DAD1),
+ bn_pack4(E0D5,D8E2,50B9,8BE4),
+ bn_pack4(383B,4813,D692,C6E0),
+ bn_pack4(D674,DF74,96EA,81D3),
+ bn_pack4(9EA2,314C,9C25,6576),
+ bn_pack4(6072,6187,75FF,3C0B),
+ bn_pack4(9C33,F80A,FA8F,C5E8),
+ bn_pack4(EEAF,0AB9,ADB3,8DD6)
+};
+static BIGNUM bn_group_1024 = {
+ bn_group_1024_value,
+ (sizeof bn_group_1024_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_1024_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_1536_value[] = {
+ bn_pack4(CF76,E3FE,D135,F9BB),
+ bn_pack4(1518,0F93,499A,234D),
+ bn_pack4(8CE7,A28C,2442,C6F3),
+ bn_pack4(5A02,1FFF,5E91,479E),
+ bn_pack4(7F8A,2FE9,B8B5,292E),
+ bn_pack4(837C,264A,E3A9,BEB8),
+ bn_pack4(E442,734A,F7CC,B7AE),
+ bn_pack4(6577,2E43,7D6C,7F8C),
+ bn_pack4(DB2F,D53D,24B7,C486),
+ bn_pack4(6EDF,0195,3934,9627),
+ bn_pack4(158B,FD3E,2B9C,8CF5),
+ bn_pack4(764E,3F4B,53DD,9DA1),
+ bn_pack4(4754,8381,DBC5,B1FC),
+ bn_pack4(9B60,9E0B,E3BA,B63D),
+ bn_pack4(8134,B1C8,B979,8914),
+ bn_pack4(DF02,8A7C,EC67,F0D0),
+ bn_pack4(80B6,55BB,9A22,E8DC),
+ bn_pack4(1558,903B,A0D0,F843),
+ bn_pack4(51C6,A94B,E460,7A29),
+ bn_pack4(5F4F,5F55,6E27,CBDE),
+ bn_pack4(BEEE,A961,4B19,CC4D),
+ bn_pack4(DBA5,1DF4,99AC,4C80),
+ bn_pack4(B1F1,2A86,17A4,7BBB),
+ bn_pack4(9DEF,3CAF,B939,277A)
+};
+static BIGNUM bn_group_1536 = {
+ bn_group_1536_value,
+ (sizeof bn_group_1536_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_1536_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_2048_value[] = {
+ bn_pack4(0FA7,111F,9E4A,FF73),
+ bn_pack4(9B65,E372,FCD6,8EF2),
+ bn_pack4(35DE,236D,525F,5475),
+ bn_pack4(94B5,C803,D89F,7AE4),
+ bn_pack4(71AE,35F8,E9DB,FBB6),
+ bn_pack4(2A56,98F3,A8D0,C382),
+ bn_pack4(9CCC,041C,7BC3,08D8),
+ bn_pack4(AF87,4E73,03CE,5329),
+ bn_pack4(6160,2790,04E5,7AE6),
+ bn_pack4(032C,FBDB,F52F,B378),
+ bn_pack4(5EA7,7A27,75D2,ECFA),
+ bn_pack4(5445,23B5,24B0,D57D),
+ bn_pack4(5B9D,32E6,88F8,7748),
+ bn_pack4(F1D2,B907,8717,461A),
+ bn_pack4(76BD,207A,436C,6481),
+ bn_pack4(CA97,B43A,23FB,8016),
+ bn_pack4(1D28,1E44,6B14,773B),
+ bn_pack4(7359,D041,D5C3,3EA7),
+ bn_pack4(A80D,740A,DBF4,FF74),
+ bn_pack4(55F9,7993,EC97,5EEA),
+ bn_pack4(2918,A996,2F0B,93B8),
+ bn_pack4(661A,05FB,D5FA,AAE8),
+ bn_pack4(CF60,9517,9A16,3AB3),
+ bn_pack4(E808,3969,EDB7,67B0),
+ bn_pack4(CD7F,48A9,DA04,FD50),
+ bn_pack4(D523,12AB,4B03,310D),
+ bn_pack4(8193,E075,7767,A13D),
+ bn_pack4(A373,29CB,B4A0,99ED),
+ bn_pack4(FC31,9294,3DB5,6050),
+ bn_pack4(AF72,B665,1987,EE07),
+ bn_pack4(F166,DE5E,1389,582F),
+ bn_pack4(AC6B,DB41,324A,9A9B)
+};
+static BIGNUM bn_group_2048 = {
+ bn_group_2048_value,
+ (sizeof bn_group_2048_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_2048_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_3072_value[] = {
+ bn_pack4(FFFF,FFFF,FFFF,FFFF),
+ bn_pack4(4B82,D120,A93A,D2CA),
+ bn_pack4(43DB,5BFC,E0FD,108E),
+ bn_pack4(08E2,4FA0,74E5,AB31),
+ bn_pack4(7709,88C0,BAD9,46E2),
+ bn_pack4(BBE1,1757,7A61,5D6C),
+ bn_pack4(521F,2B18,177B,200C),
+ bn_pack4(D876,0273,3EC8,6A64),
+ bn_pack4(F12F,FA06,D98A,0864),
+ bn_pack4(CEE3,D226,1AD2,EE6B),
+ bn_pack4(1E8C,94E0,4A25,619D),
+ bn_pack4(ABF5,AE8C,DB09,33D7),
+ bn_pack4(B397,0F85,A6E1,E4C7),
+ bn_pack4(8AEA,7157,5D06,0C7D),
+ bn_pack4(ECFB,8504,58DB,EF0A),
+ bn_pack4(A855,21AB,DF1C,BA64),
+ bn_pack4(AD33,170D,0450,7A33),
+ bn_pack4(1572,8E5A,8AAA,C42D),
+ bn_pack4(15D2,2618,98FA,0510),
+ bn_pack4(3995,497C,EA95,6AE5),
+ bn_pack4(DE2B,CBF6,9558,1718),
+ bn_pack4(B5C5,5DF0,6F4C,52C9),
+ bn_pack4(9B27,83A2,EC07,A28F),
+ bn_pack4(E39E,772C,180E,8603),
+ bn_pack4(3290,5E46,2E36,CE3B),
+ bn_pack4(F174,6C08,CA18,217C),
+ bn_pack4(670C,354E,4ABC,9804),
+ bn_pack4(9ED5,2907,7096,966D),
+ bn_pack4(1C62,F356,2085,52BB),
+ bn_pack4(8365,5D23,DCA3,AD96),
+ bn_pack4(6916,3FA8,FD24,CF5F),
+ bn_pack4(98DA,4836,1C55,D39A),
+ bn_pack4(C200,7CB8,A163,BF05),
+ bn_pack4(4928,6651,ECE4,5B3D),
+ bn_pack4(AE9F,2411,7C4B,1FE6),
+ bn_pack4(EE38,6BFB,5A89,9FA5),
+ bn_pack4(0BFF,5CB6,F406,B7ED),
+ bn_pack4(F44C,42E9,A637,ED6B),
+ bn_pack4(E485,B576,625E,7EC6),
+ bn_pack4(4FE1,356D,6D51,C245),
+ bn_pack4(302B,0A6D,F25F,1437),
+ bn_pack4(EF95,19B3,CD3A,431B),
+ bn_pack4(514A,0879,8E34,04DD),
+ bn_pack4(020B,BEA6,3B13,9B22),
+ bn_pack4(2902,4E08,8A67,CC74),
+ bn_pack4(C4C6,628B,80DC,1CD1),
+ bn_pack4(C90F,DAA2,2168,C234),
+ bn_pack4(FFFF,FFFF,FFFF,FFFF)
+};
+static BIGNUM bn_group_3072 = {
+ bn_group_3072_value,
+ (sizeof bn_group_3072_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_3072_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_4096_value[] = {
+ bn_pack4(FFFF,FFFF,FFFF,FFFF),
+ bn_pack4(4DF4,35C9,3406,3199),
+ bn_pack4(86FF,B7DC,90A6,C08F),
+ bn_pack4(93B4,EA98,8D8F,DDC1),
+ bn_pack4(D006,9127,D5B0,5AA9),
+ bn_pack4(B81B,DD76,2170,481C),
+ bn_pack4(1F61,2970,CEE2,D7AF),
+ bn_pack4(233B,A186,515B,E7ED),
+ bn_pack4(99B2,964F,A090,C3A2),
+ bn_pack4(287C,5947,4E6B,C05D),
+ bn_pack4(2E8E,FC14,1FBE,CAA6),
+ bn_pack4(DBBB,C2DB,04DE,8EF9),
+ bn_pack4(2583,E9CA,2AD4,4CE8),
+ bn_pack4(1A94,6834,B615,0BDA),
+ bn_pack4(99C3,2718,6AF4,E23C),
+ bn_pack4(8871,9A10,BDBA,5B26),
+ bn_pack4(1A72,3C12,A787,E6D7),
+ bn_pack4(4B82,D120,A921,0801),
+ bn_pack4(43DB,5BFC,E0FD,108E),
+ bn_pack4(08E2,4FA0,74E5,AB31),
+ bn_pack4(7709,88C0,BAD9,46E2),
+ bn_pack4(BBE1,1757,7A61,5D6C),
+ bn_pack4(521F,2B18,177B,200C),
+ bn_pack4(D876,0273,3EC8,6A64),
+ bn_pack4(F12F,FA06,D98A,0864),
+ bn_pack4(CEE3,D226,1AD2,EE6B),
+ bn_pack4(1E8C,94E0,4A25,619D),
+ bn_pack4(ABF5,AE8C,DB09,33D7),
+ bn_pack4(B397,0F85,A6E1,E4C7),
+ bn_pack4(8AEA,7157,5D06,0C7D),
+ bn_pack4(ECFB,8504,58DB,EF0A),
+ bn_pack4(A855,21AB,DF1C,BA64),
+ bn_pack4(AD33,170D,0450,7A33),
+ bn_pack4(1572,8E5A,8AAA,C42D),
+ bn_pack4(15D2,2618,98FA,0510),
+ bn_pack4(3995,497C,EA95,6AE5),
+ bn_pack4(DE2B,CBF6,9558,1718),
+ bn_pack4(B5C5,5DF0,6F4C,52C9),
+ bn_pack4(9B27,83A2,EC07,A28F),
+ bn_pack4(E39E,772C,180E,8603),
+ bn_pack4(3290,5E46,2E36,CE3B),
+ bn_pack4(F174,6C08,CA18,217C),
+ bn_pack4(670C,354E,4ABC,9804),
+ bn_pack4(9ED5,2907,7096,966D),
+ bn_pack4(1C62,F356,2085,52BB),
+ bn_pack4(8365,5D23,DCA3,AD96),
+ bn_pack4(6916,3FA8,FD24,CF5F),
+ bn_pack4(98DA,4836,1C55,D39A),
+ bn_pack4(C200,7CB8,A163,BF05),
+ bn_pack4(4928,6651,ECE4,5B3D),
+ bn_pack4(AE9F,2411,7C4B,1FE6),
+ bn_pack4(EE38,6BFB,5A89,9FA5),
+ bn_pack4(0BFF,5CB6,F406,B7ED),
+ bn_pack4(F44C,42E9,A637,ED6B),
+ bn_pack4(E485,B576,625E,7EC6),
+ bn_pack4(4FE1,356D,6D51,C245),
+ bn_pack4(302B,0A6D,F25F,1437),
+ bn_pack4(EF95,19B3,CD3A,431B),
+ bn_pack4(514A,0879,8E34,04DD),
+ bn_pack4(020B,BEA6,3B13,9B22),
+ bn_pack4(2902,4E08,8A67,CC74),
+ bn_pack4(C4C6,628B,80DC,1CD1),
+ bn_pack4(C90F,DAA2,2168,C234),
+ bn_pack4(FFFF,FFFF,FFFF,FFFF)
+};
+static BIGNUM bn_group_4096 = {
+ bn_group_4096_value,
+ (sizeof bn_group_4096_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_4096_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_6144_value[] = {
+ bn_pack4(FFFF,FFFF,FFFF,FFFF),
+ bn_pack4(E694,F91E,6DCC,4024),
+ bn_pack4(12BF,2D5B,0B74,74D6),
+ bn_pack4(043E,8F66,3F48,60EE),
+ bn_pack4(387F,E8D7,6E3C,0468),
+ bn_pack4(DA56,C9EC,2EF2,9632),
+ bn_pack4(EB19,CCB1,A313,D55C),
+ bn_pack4(F550,AA3D,8A1F,BFF0),
+ bn_pack4(06A1,D58B,B7C5,DA76),
+ bn_pack4(A797,15EE,F29B,E328),
+ bn_pack4(14CC,5ED2,0F80,37E0),
+ bn_pack4(CC8F,6D7E,BF48,E1D8),
+ bn_pack4(4BD4,07B2,2B41,54AA),
+ bn_pack4(0F1D,45B7,FF58,5AC5),
+ bn_pack4(23A9,7A7E,36CC,88BE),
+ bn_pack4(59E7,C97F,BEC7,E8F3),
+ bn_pack4(B5A8,4031,900B,1C9E),
+ bn_pack4(D55E,702F,4698,0C82),
+ bn_pack4(F482,D7CE,6E74,FEF6),
+ bn_pack4(F032,EA15,D172,1D03),
+ bn_pack4(5983,CA01,C64B,92EC),
+ bn_pack4(6FB8,F401,378C,D2BF),
+ bn_pack4(3320,5151,2BD7,AF42),
+ bn_pack4(DB7F,1447,E6CC,254B),
+ bn_pack4(44CE,6CBA,CED4,BB1B),
+ bn_pack4(DA3E,DBEB,CF9B,14ED),
+ bn_pack4(1797,27B0,865A,8918),
+ bn_pack4(B06A,53ED,9027,D831),
+ bn_pack4(E5DB,382F,4130,01AE),
+ bn_pack4(F8FF,9406,AD9E,530E),
+ bn_pack4(C975,1E76,3DBA,37BD),
+ bn_pack4(C1D4,DCB2,6026,46DE),
+ bn_pack4(36C3,FAB4,D27C,7026),
+ bn_pack4(4DF4,35C9,3402,8492),
+ bn_pack4(86FF,B7DC,90A6,C08F),
+ bn_pack4(93B4,EA98,8D8F,DDC1),
+ bn_pack4(D006,9127,D5B0,5AA9),
+ bn_pack4(B81B,DD76,2170,481C),
+ bn_pack4(1F61,2970,CEE2,D7AF),
+ bn_pack4(233B,A186,515B,E7ED),
+ bn_pack4(99B2,964F,A090,C3A2),
+ bn_pack4(287C,5947,4E6B,C05D),
+ bn_pack4(2E8E,FC14,1FBE,CAA6),
+ bn_pack4(DBBB,C2DB,04DE,8EF9),
+ bn_pack4(2583,E9CA,2AD4,4CE8),
+ bn_pack4(1A94,6834,B615,0BDA),
+ bn_pack4(99C3,2718,6AF4,E23C),
+ bn_pack4(8871,9A10,BDBA,5B26),
+ bn_pack4(1A72,3C12,A787,E6D7),
+ bn_pack4(4B82,D120,A921,0801),
+ bn_pack4(43DB,5BFC,E0FD,108E),
+ bn_pack4(08E2,4FA0,74E5,AB31),
+ bn_pack4(7709,88C0,BAD9,46E2),
+ bn_pack4(BBE1,1757,7A61,5D6C),
+ bn_pack4(521F,2B18,177B,200C),
+ bn_pack4(D876,0273,3EC8,6A64),
+ bn_pack4(F12F,FA06,D98A,0864),
+ bn_pack4(CEE3,D226,1AD2,EE6B),
+ bn_pack4(1E8C,94E0,4A25,619D),
+ bn_pack4(ABF5,AE8C,DB09,33D7),
+ bn_pack4(B397,0F85,A6E1,E4C7),
+ bn_pack4(8AEA,7157,5D06,0C7D),
+ bn_pack4(ECFB,8504,58DB,EF0A),
+ bn_pack4(A855,21AB,DF1C,BA64),
+ bn_pack4(AD33,170D,0450,7A33),
+ bn_pack4(1572,8E5A,8AAA,C42D),
+ bn_pack4(15D2,2618,98FA,0510),
+ bn_pack4(3995,497C,EA95,6AE5),
+ bn_pack4(DE2B,CBF6,9558,1718),
+ bn_pack4(B5C5,5DF0,6F4C,52C9),
+ bn_pack4(9B27,83A2,EC07,A28F),
+ bn_pack4(E39E,772C,180E,8603),
+ bn_pack4(3290,5E46,2E36,CE3B),
+ bn_pack4(F174,6C08,CA18,217C),
+ bn_pack4(670C,354E,4ABC,9804),
+ bn_pack4(9ED5,2907,7096,966D),
+ bn_pack4(1C62,F356,2085,52BB),
+ bn_pack4(8365,5D23,DCA3,AD96),
+ bn_pack4(6916,3FA8,FD24,CF5F),
+ bn_pack4(98DA,4836,1C55,D39A),
+ bn_pack4(C200,7CB8,A163,BF05),
+ bn_pack4(4928,6651,ECE4,5B3D),
+ bn_pack4(AE9F,2411,7C4B,1FE6),
+ bn_pack4(EE38,6BFB,5A89,9FA5),
+ bn_pack4(0BFF,5CB6,F406,B7ED),
+ bn_pack4(F44C,42E9,A637,ED6B),
+ bn_pack4(E485,B576,625E,7EC6),
+ bn_pack4(4FE1,356D,6D51,C245),
+ bn_pack4(302B,0A6D,F25F,1437),
+ bn_pack4(EF95,19B3,CD3A,431B),
+ bn_pack4(514A,0879,8E34,04DD),
+ bn_pack4(020B,BEA6,3B13,9B22),
+ bn_pack4(2902,4E08,8A67,CC74),
+ bn_pack4(C4C6,628B,80DC,1CD1),
+ bn_pack4(C90F,DAA2,2168,C234),
+ bn_pack4(FFFF,FFFF,FFFF,FFFF)
+};
+static BIGNUM bn_group_6144 = {
+ bn_group_6144_value,
+ (sizeof bn_group_6144_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_6144_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_8192_value[] = {
+ bn_pack4(FFFF,FFFF,FFFF,FFFF),
+ bn_pack4(60C9,80DD,98ED,D3DF),
+ bn_pack4(C81F,56E8,80B9,6E71),
+ bn_pack4(9E30,50E2,7656,94DF),
+ bn_pack4(9558,E447,5677,E9AA),
+ bn_pack4(C919,0DA6,FC02,6E47),
+ bn_pack4(889A,002E,D5EE,382B),
+ bn_pack4(4009,438B,481C,6CD7),
+ bn_pack4(3590,46F4,EB87,9F92),
+ bn_pack4(FAF3,6BC3,1ECF,A268),
+ bn_pack4(B1D5,10BD,7EE7,4D73),
+ bn_pack4(F9AB,4819,5DED,7EA1),
+ bn_pack4(64F3,1CC5,0846,851D),
+ bn_pack4(4597,E899,A025,5DC1),
+ bn_pack4(DF31,0EE0,74AB,6A36),
+ bn_pack4(6D2A,13F8,3F44,F82D),
+ bn_pack4(062B,3CF5,B3A2,78A6),
+ bn_pack4(7968,3303,ED5B,DD3A),
+ bn_pack4(FA9D,4B7F,A2C0,87E8),
+ bn_pack4(4BCB,C886,2F83,85DD),
+ bn_pack4(3473,FC64,6CEA,306B),
+ bn_pack4(13EB,57A8,1A23,F0C7),
+ bn_pack4(2222,2E04,A403,7C07),
+ bn_pack4(E3FD,B8BE,FC84,8AD9),
+ bn_pack4(238F,16CB,E39D,652D),
+ bn_pack4(3423,B474,2BF1,C978),
+ bn_pack4(3AAB,639C,5AE4,F568),
+ bn_pack4(2576,F693,6BA4,2466),
+ bn_pack4(741F,A7BF,8AFC,47ED),
+ bn_pack4(3BC8,32B6,8D9D,D300),
+ bn_pack4(D8BE,C4D0,73B9,31BA),
+ bn_pack4(3877,7CB6,A932,DF8C),
+ bn_pack4(74A3,926F,12FE,E5E4),
+ bn_pack4(E694,F91E,6DBE,1159),
+ bn_pack4(12BF,2D5B,0B74,74D6),
+ bn_pack4(043E,8F66,3F48,60EE),
+ bn_pack4(387F,E8D7,6E3C,0468),
+ bn_pack4(DA56,C9EC,2EF2,9632),
+ bn_pack4(EB19,CCB1,A313,D55C),
+ bn_pack4(F550,AA3D,8A1F,BFF0),
+ bn_pack4(06A1,D58B,B7C5,DA76),
+ bn_pack4(A797,15EE,F29B,E328),
+ bn_pack4(14CC,5ED2,0F80,37E0),
+ bn_pack4(CC8F,6D7E,BF48,E1D8),
+ bn_pack4(4BD4,07B2,2B41,54AA),
+ bn_pack4(0F1D,45B7,FF58,5AC5),
+ bn_pack4(23A9,7A7E,36CC,88BE),
+ bn_pack4(59E7,C97F,BEC7,E8F3),
+ bn_pack4(B5A8,4031,900B,1C9E),
+ bn_pack4(D55E,702F,4698,0C82),
+ bn_pack4(F482,D7CE,6E74,FEF6),
+ bn_pack4(F032,EA15,D172,1D03),
+ bn_pack4(5983,CA01,C64B,92EC),
+ bn_pack4(6FB8,F401,378C,D2BF),
+ bn_pack4(3320,5151,2BD7,AF42),
+ bn_pack4(DB7F,1447,E6CC,254B),
+ bn_pack4(44CE,6CBA,CED4,BB1B),
+ bn_pack4(DA3E,DBEB,CF9B,14ED),
+ bn_pack4(1797,27B0,865A,8918),
+ bn_pack4(B06A,53ED,9027,D831),
+ bn_pack4(E5DB,382F,4130,01AE),
+ bn_pack4(F8FF,9406,AD9E,530E),
+ bn_pack4(C975,1E76,3DBA,37BD),
+ bn_pack4(C1D4,DCB2,6026,46DE),
+ bn_pack4(36C3,FAB4,D27C,7026),
+ bn_pack4(4DF4,35C9,3402,8492),
+ bn_pack4(86FF,B7DC,90A6,C08F),
+ bn_pack4(93B4,EA98,8D8F,DDC1),
+ bn_pack4(D006,9127,D5B0,5AA9),
+ bn_pack4(B81B,DD76,2170,481C),
+ bn_pack4(1F61,2970,CEE2,D7AF),
+ bn_pack4(233B,A186,515B,E7ED),
+ bn_pack4(99B2,964F,A090,C3A2),
+ bn_pack4(287C,5947,4E6B,C05D),
+ bn_pack4(2E8E,FC14,1FBE,CAA6),
+ bn_pack4(DBBB,C2DB,04DE,8EF9),
+ bn_pack4(2583,E9CA,2AD4,4CE8),
+ bn_pack4(1A94,6834,B615,0BDA),
+ bn_pack4(99C3,2718,6AF4,E23C),
+ bn_pack4(8871,9A10,BDBA,5B26),
+ bn_pack4(1A72,3C12,A787,E6D7),
+ bn_pack4(4B82,D120,A921,0801),
+ bn_pack4(43DB,5BFC,E0FD,108E),
+ bn_pack4(08E2,4FA0,74E5,AB31),
+ bn_pack4(7709,88C0,BAD9,46E2),
+ bn_pack4(BBE1,1757,7A61,5D6C),
+ bn_pack4(521F,2B18,177B,200C),
+ bn_pack4(D876,0273,3EC8,6A64),
+ bn_pack4(F12F,FA06,D98A,0864),
+ bn_pack4(CEE3,D226,1AD2,EE6B),
+ bn_pack4(1E8C,94E0,4A25,619D),
+ bn_pack4(ABF5,AE8C,DB09,33D7),
+ bn_pack4(B397,0F85,A6E1,E4C7),
+ bn_pack4(8AEA,7157,5D06,0C7D),
+ bn_pack4(ECFB,8504,58DB,EF0A),
+ bn_pack4(A855,21AB,DF1C,BA64),
+ bn_pack4(AD33,170D,0450,7A33),
+ bn_pack4(1572,8E5A,8AAA,C42D),
+ bn_pack4(15D2,2618,98FA,0510),
+ bn_pack4(3995,497C,EA95,6AE5),
+ bn_pack4(DE2B,CBF6,9558,1718),
+ bn_pack4(B5C5,5DF0,6F4C,52C9),
+ bn_pack4(9B27,83A2,EC07,A28F),
+ bn_pack4(E39E,772C,180E,8603),
+ bn_pack4(3290,5E46,2E36,CE3B),
+ bn_pack4(F174,6C08,CA18,217C),
+ bn_pack4(670C,354E,4ABC,9804),
+ bn_pack4(9ED5,2907,7096,966D),
+ bn_pack4(1C62,F356,2085,52BB),
+ bn_pack4(8365,5D23,DCA3,AD96),
+ bn_pack4(6916,3FA8,FD24,CF5F),
+ bn_pack4(98DA,4836,1C55,D39A),
+ bn_pack4(C200,7CB8,A163,BF05),
+ bn_pack4(4928,6651,ECE4,5B3D),
+ bn_pack4(AE9F,2411,7C4B,1FE6),
+ bn_pack4(EE38,6BFB,5A89,9FA5),
+ bn_pack4(0BFF,5CB6,F406,B7ED),
+ bn_pack4(F44C,42E9,A637,ED6B),
+ bn_pack4(E485,B576,625E,7EC6),
+ bn_pack4(4FE1,356D,6D51,C245),
+ bn_pack4(302B,0A6D,F25F,1437),
+ bn_pack4(EF95,19B3,CD3A,431B),
+ bn_pack4(514A,0879,8E34,04DD),
+ bn_pack4(020B,BEA6,3B13,9B22),
+ bn_pack4(2902,4E08,8A67,CC74),
+ bn_pack4(C4C6,628B,80DC,1CD1),
+ bn_pack4(C90F,DAA2,2168,C234),
+ bn_pack4(FFFF,FFFF,FFFF,FFFF)
+};
+static BIGNUM bn_group_8192 = {
+ bn_group_8192_value,
+ (sizeof bn_group_8192_value)/sizeof(BN_ULONG),
+ (sizeof bn_group_8192_value)/sizeof(BN_ULONG),
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_generator_19_value[] = {19} ;
+static BIGNUM bn_generator_19 = {
+ bn_generator_19_value,
+ 1,
+ 1,
+ 0,
+ BN_FLG_STATIC_DATA
+};
+static BN_ULONG bn_generator_5_value[] = {5} ;
+static BIGNUM bn_generator_5 = {
+ bn_generator_5_value,
+ 1,
+ 1,
+ 0,
+ BN_FLG_STATIC_DATA
+};
+static BN_ULONG bn_generator_2_value[] = {2} ;
+static BIGNUM bn_generator_2 = {
+ bn_generator_2_value,
+ 1,
+ 1,
+ 0,
+ BN_FLG_STATIC_DATA
+};
+
+static SRP_gN knowngN[] = {
+ {"8192",&bn_generator_19 , &bn_group_8192},
+ {"6144",&bn_generator_5 , &bn_group_6144},
+ {"4096",&bn_generator_5 , &bn_group_4096},
+ {"3072",&bn_generator_5 , &bn_group_3072},
+ {"2048",&bn_generator_2 , &bn_group_2048},
+ {"1536",&bn_generator_2 , &bn_group_1536},
+ {"1024",&bn_generator_2 , &bn_group_1024},
+};
+#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
+
+/* end of generated data */
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/srp.h openssl-SNAP-20091218-srp/crypto/srp/srp.h
--- openssl-SNAP-20091218-orig/crypto/srp/srp.h 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/srp.h 2009-12-18 20:33:29.000000000 +0000
@@ -0,0 +1,171 @@
+/* crypto/srp/srp.h */
+/* Written by Christophe Renou (christophe.renou@...) with
+ * the precious help of Peter Sylvester (peter.sylvester@...)
+ * for the EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@....
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@...). This product includes software written by Tim
+ * Hudson (tjh@...).
+ *
+ */
+#ifndef __SRP_H__
+#define __SRP_H__
+
+#ifndef OPENSSL_NO_SRP
+
+#include <stdio.h>
+#include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <openssl/safestack.h>
+#include <openssl/bn.h>
+#include <openssl/crypto.h>
+
+typedef struct SRP_gN_cache_st
+ {
+ char *b64_bn;
+ BIGNUM *bn;
+ } SRP_gN_cache;
+
+
+DECLARE_STACK_OF(SRP_gN_cache);
+
+typedef struct SRP_user_pwd_st
+ {
+ char *id;
+ BIGNUM *s;
+ BIGNUM *v;
+ BIGNUM *g;
+ BIGNUM *N;
+ char *info;
+ } SRP_user_pwd;
+
+DECLARE_STACK_OF(SRP_user_pwd);
+
+typedef struct SRP_VBASE_st
+ {
+ STACK_OF(SRP_user_pwd) *users_pwd;
+ STACK_OF(SRP_gN_cache) *gN_cache;
+/* to simulate a user */
+ char *seed_key;
+ BIGNUM *default_g;
+ BIGNUM *default_N;
+ } SRP_VBASE;
+
+
+/*Structure interne pour retenir les couples N et g*/
+typedef struct SRP_gN_st
+ {
+ char *id;
+ BIGNUM *g;
+ BIGNUM *N;
+ } SRP_gN;
+
+DECLARE_STACK_OF(SRP_gN);
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key);
+int SRP_VBASE_free(SRP_VBASE *vb);
+int SRP_VBASE_init(SRP_VBASE *vb, char * verifier_file);
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
+char * SRP_create_verifier(const char *user, const char *pass, char **salt, char **verifier, char *N, char *g);
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
+
+
+#define SRP_NO_ERROR 0
+#define SRP_ERR_VBASE_INCOMPLETE_FILE 1
+#define SRP_ERR_VBASE_BN_LIB 2
+#define SRP_ERR_OPEN_FILE 3
+#define SRP_ERR_MEMORY 4
+
+#define DB_srptype 0
+#define DB_srpverifier 1
+#define DB_srpsalt 2
+#define DB_srpid 3
+#define DB_srpgN 4
+#define DB_srpinfo 5
+#undef DB_NUMBER
+#define DB_NUMBER 6
+
+#define DB_SRP_INDEX 'I'
+#define DB_SRP_VALID 'V'
+#define DB_SRP_REVOKED 'R'
+#define DB_SRP_MODIF 'v'
+
+
+/* see srp.c */
+char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N);
+SRP_gN *SRP_get_default_gN(const char * id) ;
+
+/* server side .... */
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N);
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) ;
+
+
+
+/* client side .... */
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u);
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
+
+#define SRP_MINIMAL_N 1024
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+#endif
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/srp_lcl.h openssl-SNAP-20091218-srp/crypto/srp/srp_lcl.h
--- openssl-SNAP-20091218-orig/crypto/srp/srp_lcl.h 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/srp_lcl.h 2009-12-18 20:33:30.000000000 +0000
@@ -0,0 +1,83 @@
+/* crypto/srp/srp_lcl.h */
+/* Written by Peter Sylvester (peter.sylvester@...)
+ * for the EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@....
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@...). This product includes software written by Tim
+ * Hudson (tjh@...).
+ *
+ */
+#ifndef HEADER_SRP_LCL_H
+#define HEADER_SRP_LCL_H
+
+#include <openssl/srp.h>
+#include <openssl/sha.h>
+
+#if 0
+#define srp_bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
+ fprintf(stderr,"\n");}
+#else
+#define srp_bn_print(a)
+#endif
+
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/srp_lib.c openssl-SNAP-20091218-srp/crypto/srp/srp_lib.c
--- openssl-SNAP-20091218-orig/crypto/srp/srp_lib.c 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/srp_lib.c 2009-12-18 20:33:30.000000000 +0000
@@ -0,0 +1,357 @@
+/* crypto/srp/srp_lib.c */
+/* Written by Christophe Renou (christophe.renou@...) with
+ * the precious help of Peter Sylvester (peter.sylvester@...)
+ * for the EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@....
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@...). This product includes software written by Tim
+ * Hudson (tjh@...).
+ *
+ */
+#ifndef OPENSSL_NO_SRP
+#include "cryptlib.h"
+#include "srp_lcl.h"
+#include <openssl/srp.h>
+#include <openssl/evp.h>
+
+#if (BN_BYTES == 8)
+#define bn_pack4(a1,a2,a3,a4) 0x##a1##a2##a3##a4##ul
+#endif
+#if (BN_BYTES == 4)
+#define bn_pack4(a1,a2,a3,a4) 0x##a3##a4##ul, 0x##a1##a2##ul
+#endif
+#if (BN_BYTES == 2)
+#define bn_pack4(a1,a2,a3,a4) 0x##a4##u,0x##a3##u,0x##a2##u,0x##a1##u
+#endif
+
+
+#include "srp_grps.h"
+
+static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
+ {
+ /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
+
+ unsigned char digest[SHA_DIGEST_LENGTH];
+ unsigned char *tmp;
+ EVP_MD_CTX ctxt;
+ int longg ;
+ int longN = BN_num_bytes(N);
+
+ if ((tmp = OPENSSL_malloc(longN)) == NULL)
+ return NULL;
+ BN_bn2bin(N,tmp) ;
+
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, tmp, longN);
+
+ memset(tmp, 0, longN);
+ longg = BN_bn2bin(g,tmp) ;
+ /* use the zeros behind to pad on left */
+ EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg);
+ EVP_DigestUpdate(&ctxt, tmp, longg);
+ OPENSSL_free(tmp);
+
+ EVP_DigestFinal_ex(&ctxt, digest, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+ return BN_bin2bn(digest, sizeof(digest), NULL);
+ }
+
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
+ {
+ /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
+
+ BIGNUM *u;
+ unsigned char cu[SHA_DIGEST_LENGTH];
+ unsigned char *cAB;
+ EVP_MD_CTX ctxt;
+ int longN;
+ if ((A == NULL) ||(B == NULL) || (N == NULL))
+ return NULL;
+
+ longN= BN_num_bytes(N);
+
+ if ((cAB = OPENSSL_malloc(2*longN)) == NULL)
+ return NULL;
+
+ memset(cAB, 0, longN);
+
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A,cAB+longN), longN);
+ EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B,cAB+longN), longN);
+ OPENSSL_free(cAB);
+ EVP_DigestFinal_ex(&ctxt, cu, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+
+ if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
+ return NULL;
+ if (!BN_is_zero(u))
+ return u;
+ BN_free(u);
+ return NULL;
+}
+
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N)
+ {
+ BIGNUM *tmp = NULL, *S = NULL;
+ BN_CTX *bn_ctx;
+
+ if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
+ return NULL;
+
+ if ((bn_ctx = BN_CTX_new()) == NULL ||
+ (tmp = BN_new()) == NULL ||
+ (S = BN_new()) == NULL )
+ goto err;
+
+ /* S = (A*v**u) ** b */
+
+ if (!BN_mod_exp(tmp,v,u,N,bn_ctx))
+ goto err;
+ if (!BN_mod_mul(tmp,A,tmp,N,bn_ctx))
+ goto err;
+ if (!BN_mod_exp(S,tmp,b,N,bn_ctx))
+ goto err;
+err:
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(tmp);
+ return S;
+ }
+
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
+ {
+ BIGNUM *kv = NULL, *gb = NULL;
+ BIGNUM *B = NULL, *k = NULL;
+ BN_CTX *bn_ctx;
+
+ if (b == NULL || N == NULL || g == NULL || v == NULL ||
+ (bn_ctx = BN_CTX_new()) == NULL)
+ return NULL;
+
+ if ( (kv = BN_new()) == NULL ||
+ (gb = BN_new()) == NULL ||
+ (B = BN_new())== NULL)
+ goto err;
+
+ /* B = g**b + k*v */
+
+ if (!BN_mod_exp(gb,g,b,N,bn_ctx) ||
+ !(k = srp_Calc_k(N,g)) ||
+ !BN_mod_mul(kv,v,k,N,bn_ctx) ||
+ !BN_mod_add(B,gb,kv,N,bn_ctx))
+ {
+ BN_free(B);
+ B = NULL;
+ }
+err:
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(kv);
+ BN_clear_free(gb);
+ BN_free(k);
+ return B;
+ }
+
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
+ {
+ unsigned char dig[SHA_DIGEST_LENGTH];
+ EVP_MD_CTX ctxt;
+ unsigned char *cs;
+
+ if ((s == NULL) ||
+ (user == NULL) ||
+ (pass == NULL))
+ return NULL;
+
+ if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
+ return NULL;
+
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, user, strlen(user));
+ EVP_DigestUpdate(&ctxt, ":", 1);
+ EVP_DigestUpdate(&ctxt, pass, strlen(pass));
+ EVP_DigestFinal_ex(&ctxt, dig, NULL);
+
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ BN_bn2bin(s,cs);
+ EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
+ OPENSSL_free(cs);
+ EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
+ EVP_DigestFinal_ex(&ctxt, dig, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+
+ return BN_bin2bn(dig, sizeof(dig), NULL);
+ }
+
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
+ {
+ BN_CTX *bn_ctx;
+ BIGNUM * A = NULL;
+
+ if (a == NULL || N == NULL || g == NULL ||
+ (bn_ctx = BN_CTX_new()) == NULL)
+ return NULL;
+
+ if ((A = BN_new()) != NULL &&
+ !BN_mod_exp(A,g,a,N,bn_ctx))
+ {
+ BN_free(A);
+ A = NULL;
+ }
+ BN_CTX_free(bn_ctx);
+ return A;
+ }
+
+
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u)
+ {
+ BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL , *k = NULL, *K = NULL;
+ BN_CTX *bn_ctx;
+
+ if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL || a == NULL ||
+ (bn_ctx = BN_CTX_new()) == NULL)
+ return NULL;
+
+ if ((tmp = BN_new()) == NULL ||
+ (tmp2 = BN_new())== NULL ||
+ (tmp3 = BN_new())== NULL ||
+ (K = BN_new()) == NULL)
+ goto err;
+
+ if (!BN_mod_exp(tmp,g,x,N,bn_ctx))
+ goto err;
+ if (!(k = srp_Calc_k(N,g)))
+ goto err;
+ if (!BN_mod_mul(tmp2,tmp,k,N,bn_ctx))
+ goto err;
+ if (!BN_mod_sub(tmp,B,tmp2,N,bn_ctx))
+ goto err;
+
+ if (!BN_mod_mul(tmp3,u,x,N,bn_ctx))
+ goto err;
+ if (!BN_mod_add(tmp2,a,tmp3,N,bn_ctx))
+ goto err;
+ if (!BN_mod_exp(K,tmp,tmp2,N,bn_ctx))
+ goto err;
+
+err :
+ BN_CTX_free(bn_ctx);
+ BN_clear_free(tmp);
+ BN_clear_free(tmp2);
+ BN_clear_free(tmp3);
+ BN_free(k);
+ return K;
+ }
+
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
+ {
+ BIGNUM *r;
+ BN_CTX *bn_ctx;
+ int ret = 0;
+
+ if (B == NULL || N == NULL ||
+ (bn_ctx = BN_CTX_new()) == NULL)
+ return 0;
+
+ if ((r = BN_new()) == NULL)
+ goto err;
+ /* Checks if B % N == 0 */
+ if (!BN_nnmod(r,B,N,bn_ctx))
+ goto err;
+ ret = !BN_is_zero(r);
+err:
+ BN_CTX_free(bn_ctx);
+ BN_free(r);
+ return ret;
+ }
+
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
+ {
+ /* Checks if A % N == 0 */
+ return SRP_Verify_B_mod_N(A,N) ;
+ }
+
+
+/* Check if G and N are kwown parameters.
+ The values have been generated from the ietf-tls-srp draft version 8
+*/
+char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N)
+ {
+ int i;
+ if ((g == NULL) || (N == NULL))
+ return 0;
+
+ srp_bn_print(g);
+ srp_bn_print(N);
+
+ for(i = 0; i < KNOWN_GN_NUMBER; i++)
+ {
+ if (BN_cmp(knowngN[i].g,g) == 0 && BN_cmp(knowngN[i].N,N) == 0)
+ return knowngN[i].id;
+ }
+ return NULL;
+ }
+
+SRP_gN *SRP_get_default_gN(const char * id)
+ {
+ int i;
+
+ if (id == NULL)
+ return knowngN;
+ for(i = 0; i < KNOWN_GN_NUMBER; i++)
+ {
+ if (strcmp(knowngN[i].id,id)==0)
+ return knowngN+i;
+ }
+ return NULL;
+ }
+#endif
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/srptest.c openssl-SNAP-20091218-srp/crypto/srp/srptest.c
--- openssl-SNAP-20091218-orig/crypto/srp/srptest.c 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/srptest.c 2009-12-18 20:33:30.000000000 +0000
@@ -0,0 +1,161 @@
+#include <openssl/opensslconf.h>
+#ifdef OPENSSL_NO_SRP
+
+#include <stdio.h>
+
+int main(int argc, char *argv[])
+ {
+ printf("No SRP support\n");
+ return(0);
+ }
+
+#else
+
+#include <openssl/srp.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+static void showbn(const char *name, const BIGNUM *bn)
+ {
+ fputs(name, stdout);
+ fputs(" = ", stdout);
+ BN_print_fp(stdout, bn);
+ putc('\n', stdout);
+ }
+
+#define RANDOM_SIZE 32 /* use 256 bits on each side */
+
+static int run_srp(const char *username, const char *client_pass, const char *server_pass)
+ {
+ int ret=-1;
+ BIGNUM *s = NULL;
+ BIGNUM *v = NULL;
+ BIGNUM *a = NULL;
+ BIGNUM *b = NULL;
+ BIGNUM *u = NULL;
+ BIGNUM *x = NULL;
+ BIGNUM *Apub = NULL;
+ BIGNUM *Bpub = NULL;
+ BIGNUM *Kclient = NULL;
+ BIGNUM *Kserver = NULL;
+ unsigned char rand_tmp[RANDOM_SIZE];
+ SRP_gN *GN = SRP_get_default_gN("1024"); // use builtin 1024-bit params
+
+ if(GN == NULL)
+ {
+ fprintf(stderr, "Failed to get SRP parameters\n");
+ return -1;
+ }
+ /* Set up server's password entry */
+ if(!SRP_create_verifier_BN(username, server_pass, &s, &v, GN->N, GN->g))
+ {
+ fprintf(stderr, "Failed to create SRP verifier\n");
+ return -1;
+ }
+
+ showbn("N", GN->N);
+ showbn("g", GN->g);
+ showbn("Salt", s);
+ showbn("Verifier", v);
+
+ /* Server random */
+ RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
+ b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
+ /* TODO - check b != 0 */
+ showbn("b", b);
+
+ /* Server's first message */
+ Bpub = SRP_Calc_B(b, GN->N, GN->g, v);
+ showbn("B", Bpub);
+
+ if(!SRP_Verify_B_mod_N(Bpub, GN->N))
+ {
+ fprintf(stderr, "Invalid B\n");
+ return -1;
+ }
+
+ /* Client random */
+ RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
+ a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
+ /* TODO - check a != 0 */
+ showbn("a", a);
+
+ /* Client's response */
+ Apub = SRP_Calc_A(a, GN->N, GN->g);
+ showbn("A", Apub);
+
+ if(!SRP_Verify_A_mod_N(Apub, GN->N))
+ {
+ fprintf(stderr, "Invalid A\n");
+ return -1;
+ }
+
+ /* Both sides calculate u */
+ u = SRP_Calc_u(Apub, Bpub, GN->N);
+
+ /* Client's key */
+ x = SRP_Calc_x(s, username, client_pass);
+ Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u);
+ showbn("Client's key", Kclient);
+
+ /* Server's key */
+ Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N);
+ showbn("Server's key", Kserver);
+
+ if(BN_cmp(Kclient, Kserver) == 0)
+ {
+ ret = 0;
+ }
+ else
+ {
+ fprintf(stderr, "Keys mismatch\n");
+ ret = 1;
+ }
+
+ BN_clear_free(Kclient);
+ BN_clear_free(Kserver);
+ BN_clear_free(x);
+ BN_free(u);
+ BN_free(Apub);
+ BN_clear_free(a);
+ BN_free(Bpub);
+ BN_clear_free(b);
+ BN_free(s);
+ BN_clear_free(v);
+
+ return ret;
+ }
+
+int main(int argc, char **argv)
+ {
+ BIO *bio_err;
+ bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+
+ /* "Negative" test, expect a mismatch */
+ if(run_srp("alice", "password1", "password2") == 0)
+ {
+ fprintf(stderr, "Mismatched SRP run failed\n");
+ return 1;
+ }
+
+ /* "Positive" test, should pass */
+ if(run_srp("alice", "password", "password") != 0)
+ {
+ fprintf(stderr, "Plain SRP run failed\n");
+ return 1;
+ }
+
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_thread_state(NULL);
+ ERR_free_strings();
+ CRYPTO_mem_leaks(bio_err);
+
+ return 0;
+ }
+#endif
diff -ruN openssl-SNAP-20091218-orig/crypto/srp/srp_vfy.c openssl-SNAP-20091218-srp/crypto/srp/srp_vfy.c
--- openssl-SNAP-20091218-orig/crypto/srp/srp_vfy.c 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/srp/srp_vfy.c 2009-12-18 20:33:30.000000000 +0000
@@ -0,0 +1,650 @@
+/* crypto/srp/srp_vfy.c */
+/* Written by Christophe Renou (christophe.renou@...) with
+ * the precious help of Peter Sylvester (peter.sylvester@...)
+ * for the EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@....
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@...). This product includes software written by Tim
+ * Hudson (tjh@...).
+ *
+ */
+#ifndef OPENSSL_NO_SRP
+#include "cryptlib.h"
+#include "srp_lcl.h"
+#include <openssl/srp.h>
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/txt_db.h>
+
+#define SRP_RANDOM_SALT_LEN 20
+#define MAX_LEN 2500
+
+static char b64table[] =
+ "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
+
+/* the following two conversion routines have been inspired by code from Stanford */
+
+/*
+ * Convert a base64 string into raw byte array representation.
+ */
+static int t_fromb64(char * a, const char * src)
+ {
+ char *loc;
+ int i, j;
+ int size;
+
+ while(*src && (*src == ' ' || *src == '\t' || *src == '\n'))
+ ++src;
+ size = strlen(src);
+ i = 0;
+ while(i < size)
+ {
+ loc = strchr(b64table, src[i]);
+ if(loc == (char *) 0) break;
+ else a[i] = loc - b64table;
+ ++i;
+ }
+ size = i;
+ i = size - 1;
+ j = size;
+ while(1)
+ {
+ a[j] = a[i];
+ if(--i < 0) break;
+ a[j] |= (a[i] & 3) << 6;
+ --j;
+ a[j] = (unsigned char) ((a[i] & 0x3c) >> 2);
+ if(--i < 0) break;
+ a[j] |= (a[i] & 0xf) << 4;
+ --j;
+ a[j] = (unsigned char) ((a[i] & 0x30) >> 4);
+ if(--i < 0) break;
+ a[j] |= (a[i] << 2);
+
+ a[--j] = 0;
+ if(--i < 0) break;
+ }
+ while(a[j] == 0 && j <= size) ++j;
+ i = 0;
+ while (j <= size) a[i++] = a[j++];
+ return i;
+ }
+
+
+/*
+ * Convert a raw byte string into a null-terminated base64 ASCII string.
+ */
+static char *t_tob64(char * dst, const char * src, int size)
+ {
+ int c, pos = size % 3;
+ unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
+ char *olddst = dst;
+
+ switch(pos)
+ {
+ case 1:
+ b2 = src[0];
+ break;
+ case 2:
+ b1 = src[0];
+ b2 = src[1];
+ break;
+ }
+
+ while(1)
+ {
+ c = (b0 & 0xfc) >> 2;
+ if(notleading || c != 0)
+ {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
+ if(notleading || c != 0)
+ {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
+ if(notleading || c != 0)
+ {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ c = b2 & 0x3f;
+ if(notleading || c != 0)
+ {
+ *dst++ = b64table[c];
+ notleading = 1;
+ }
+ if(pos >= size) break;
+ else
+ {
+ b0 = src[pos++];
+ b1 = src[pos++];
+ b2 = src[pos++];
+ }
+ }
+
+ *dst++ = '\0';
+ return olddst;
+ }
+
+void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
+ {
+ if (user_pwd == NULL)
+ return;
+ BN_free(user_pwd->s);
+ BN_clear_free(user_pwd->v);
+ OPENSSL_free(user_pwd->id);
+ OPENSSL_free(user_pwd->info);
+ OPENSSL_free(user_pwd);
+ }
+
+SRP_user_pwd * SRP_user_pwd_new()
+ {
+ SRP_user_pwd * ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
+ if (ret == NULL)
+ return NULL;
+ ret->N = NULL;
+ ret->g = NULL;
+ ret->s = NULL;
+ ret->v = NULL;
+ ret->id = NULL ;
+ ret->info = NULL;
+ return ret;
+ }
+
+void SRP_user_pwd_set_gN(SRP_user_pwd * vinfo, BIGNUM * g, BIGNUM * N)
+ {
+ vinfo->N = N;
+ vinfo->g = g;
+ }
+
+int SRP_user_pwd_set_ids(SRP_user_pwd * vinfo, char * id, char * info)
+ {
+ if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
+ return 0;
+ return (info == NULL || NULL != (vinfo->info = BUF_strdup(info))) ;
+ }
+
+int SRP_user_pwd_set_sv(SRP_user_pwd * vinfo, char * s, char * v)
+ {
+ char tmp[MAX_LEN];
+ int len ;
+ if (strlen(s) > MAX_LEN || strlen(v) > MAX_LEN)
+ return 0;
+ len = t_fromb64(tmp,v);
+ if (NULL == (vinfo->v = BN_bin2bn(tmp,len,NULL)) )
+ return 0;
+ len = t_fromb64(tmp,s);
+ return ((vinfo->s = BN_bin2bn(tmp,len,NULL)) != NULL) ;
+ }
+
+int SRP_user_pwd_set_sv_BN(SRP_user_pwd * vinfo, BIGNUM * s, BIGNUM * v)
+ {
+ vinfo->v = v;
+ vinfo->s = s;
+ return (vinfo->s != NULL && vinfo->v != NULL) ;
+ }
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key)
+ {
+ SRP_VBASE *vb = (SRP_VBASE *) OPENSSL_malloc(sizeof(SRP_VBASE));
+
+ if (vb == NULL)
+ return NULL;
+ if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
+ !(vb->gN_cache = sk_SRP_gN_cache_new_null()))
+ {
+ OPENSSL_free(vb);
+ return NULL;
+ }
+ vb->default_g = NULL;
+ vb->default_N = NULL;
+ vb->seed_key = NULL;
+ if ((seed_key != NULL) &&
+ (vb->seed_key = BUF_strdup(seed_key)) == NULL)
+ {
+ sk_SRP_user_pwd_free(vb->users_pwd);
+ sk_SRP_gN_cache_free(vb->gN_cache);
+ OPENSSL_free(vb);
+ return NULL;
+ }
+ return vb;
+ }
+
+
+int SRP_VBASE_free(SRP_VBASE *vb)
+ {
+ sk_SRP_user_pwd_pop_free(vb->users_pwd,SRP_user_pwd_free);
+ sk_SRP_gN_cache_free(vb->gN_cache);
+ OPENSSL_free(vb->seed_key);
+ OPENSSL_free(vb);
+ return 0;
+ }
+
+
+SRP_gN_cache *SRP_gN_new_init(char *ch)
+ {
+ char tmp[MAX_LEN];
+ int len;
+
+ SRP_gN_cache *newgN = (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
+ if (newgN == NULL)
+ return NULL;
+
+ if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
+ goto err;
+
+ len = t_fromb64(tmp,ch);
+ if ((newgN->bn = BN_bin2bn(tmp,len,NULL)))
+ return newgN;
+
+ OPENSSL_free(newgN->b64_bn);
+err:
+ OPENSSL_free(newgN);
+ return NULL;
+ }
+
+
+void SRP_gN_free(SRP_gN_cache *gN_cache)
+ {
+ if (gN_cache == NULL)
+ return;
+ OPENSSL_free(gN_cache->b64_bn);
+ BN_free(gN_cache->bn);
+ OPENSSL_free(gN_cache);
+ }
+
+SRP_gN *SRP_get_gN_by_id(char *id, STACK_OF(SRP_gN) *gN_tab)
+ {
+ int i;
+
+ SRP_gN *gN;
+ if (gN_tab != NULL)
+ for(i = 0; i < sk_SRP_gN_num(gN_tab); i++)
+ {
+ gN = sk_SRP_gN_value(gN_tab, i);
+ if (gN && (id == NULL || strcmp(gN->id,id)==0))
+ return gN;
+ }
+
+ return SRP_get_default_gN(id);
+ }
+
+BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
+ {
+ int i;
+ if (gN_cache == NULL)
+ return NULL;
+
+ /* search if we have already one... */
+ for(i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++)
+ {
+ SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
+ if (strcmp(cache->b64_bn,ch)==0)
+ return cache->bn;
+ }
+ { /* it is the first time that we find it */
+ SRP_gN_cache *newgN = SRP_gN_new_init(ch);
+ if (newgN)
+ {
+ if (sk_SRP_gN_cache_insert(gN_cache,newgN,0)>0)
+ return newgN->bn;
+ SRP_gN_free(newgN);
+ }
+ }
+ return NULL;
+ }
+
+/* this function parses verifier file. Format is:
+ * string(index):base64(N):base64(g):0
+ * string(username):base64(v):base64(salt):int(index)
+ */
+
+
+int SRP_VBASE_init(SRP_VBASE *vb, char * verifier_file)
+ {
+ int error_code ;
+ STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
+ char * last_index = NULL;
+ int i;
+ char ** pp;
+
+ SRP_gN *gN = NULL;
+ SRP_user_pwd *user_pwd = NULL ;
+
+ TXT_DB *tmpdb = NULL;
+ BIO *in = BIO_new(BIO_s_file());
+
+ error_code = SRP_ERR_OPEN_FILE;
+
+ if (in == NULL || BIO_read_filename(in,verifier_file) <= 0)
+ goto err;
+
+ error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
+
+ if ((tmpdb =TXT_DB_read(in,DB_NUMBER)) == NULL)
+ goto err;
+
+ error_code = SRP_ERR_MEMORY;
+
+
+ if (vb->seed_key)
+ {
+ last_index = SRP_get_default_gN(NULL)->id;
+ }
+ for (i=0; i<sk_num(tmpdb->data); i++)
+ {
+ pp=(char **)sk_value(tmpdb->data,i);
+ if (pp[DB_srptype][0] == DB_SRP_INDEX)
+ {
+ /*we add this couple in the internal Stack */
+
+ if ((gN = (SRP_gN *)OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
+ goto err;
+
+ if (!(gN->id = BUF_strdup(pp[DB_srpid]))
+ || !(gN->N = SRP_gN_place_bn(vb->gN_cache,pp[DB_srpverifier]))
+ || !(gN->g = SRP_gN_place_bn(vb->gN_cache,pp[DB_srpsalt]))
+ || sk_SRP_gN_insert(SRP_gN_tab,gN,0) == 0)
+ goto err;
+
+ gN = NULL;
+
+ if (vb->seed_key != NULL)
+ {
+ last_index = pp[DB_srpid];
+ }
+ }
+ else if (pp[DB_srptype][0] == DB_SRP_VALID)
+ {
+ /* it is a user .... */
+ SRP_gN *gN;
+ if ((gN = SRP_get_gN_by_id(pp[DB_srpgN],SRP_gN_tab))!=NULL)
+ {
+ error_code = SRP_ERR_MEMORY;
+ if ((user_pwd = SRP_user_pwd_new()) == NULL)
+ goto err;
+
+ SRP_user_pwd_set_gN(user_pwd,gN->g,gN->N);
+ if (!SRP_user_pwd_set_ids(user_pwd,pp[DB_srpid],pp[DB_srpinfo]))
+ goto err;
+
+ error_code = SRP_ERR_VBASE_BN_LIB;
+ if (!SRP_user_pwd_set_sv(user_pwd,pp[DB_srpsalt],pp[DB_srpverifier]))
+ goto err;
+
+ if (sk_SRP_gN_insert(vb->users_pwd,user_pwd,0) == 0)
+ goto err;
+ user_pwd = NULL; /* abandon responsability */
+ }
+ }
+ }
+
+ if (last_index != NULL)
+ {
+ /* this means that we want to simulate a default user */
+
+ if (((gN = SRP_get_gN_by_id(last_index,SRP_gN_tab))==NULL))
+ {
+ error_code = SRP_ERR_VBASE_BN_LIB;
+ goto err;
+ }
+ vb->default_g = gN->g ;
+ vb->default_N = gN->N ;
+ gN = NULL ;
+ }
+ error_code = SRP_NO_ERROR;
+
+ err:
+ /* there may be still some leaks to fix, if this fails, the application terminates most likely */
+
+ if (gN != NULL)
+ {
+ OPENSSL_free(gN->id);
+ OPENSSL_free(gN);
+ }
+
+ SRP_user_pwd_free(user_pwd);
+
+ if (tmpdb) TXT_DB_free(tmpdb);
+ if (in) BIO_free_all(in);
+
+ sk_SRP_gN_free(SRP_gN_tab);
+
+ return error_code;
+
+ }
+
+
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
+ {
+ int i;
+ SRP_user_pwd *user;
+ unsigned char digv[SHA_DIGEST_LENGTH];
+ unsigned char digs[SHA_DIGEST_LENGTH];
+ EVP_MD_CTX ctxt;
+
+ if (vb == NULL)
+ return NULL;
+ for(i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++)
+ {
+ user = sk_SRP_user_pwd_value(vb->users_pwd, i);
+ if (strcmp(user->id,username)==0)
+ return user;
+ }
+ if ((vb->seed_key == NULL) ||
+ (vb->default_g == NULL) ||
+ (vb->default_N == NULL))
+ return NULL;
+
+/* if the user is unknown we set parameters as well if we have a seed_key */
+
+ if ((user = SRP_user_pwd_new()) == NULL)
+ return NULL;
+
+ SRP_user_pwd_set_gN(user,vb->default_g,vb->default_N);
+
+ if (!SRP_user_pwd_set_ids(user,username,NULL))
+ goto err;
+
+ RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH);
+ EVP_MD_CTX_init(&ctxt);
+ EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
+ EVP_DigestUpdate(&ctxt, username, strlen(username));
+ EVP_DigestFinal_ex(&ctxt, digs, NULL);
+ EVP_MD_CTX_cleanup(&ctxt);
+ if (SRP_user_pwd_set_sv_BN(user, BN_bin2bn(digs,SHA_DIGEST_LENGTH,NULL), BN_bin2bn(digv,SHA_DIGEST_LENGTH, NULL)))
+ return user;
+
+err: SRP_user_pwd_free(user);
+ return NULL;
+ }
+
+
+/*
+ create a verifier (*salt,*verifier,g and N are in base64)
+*/
+char * SRP_create_verifier(const char *user, const char *pass, char **salt, char **verifier, char *N, char *g)
+ {
+ int len;
+ char * result=NULL;
+ char *vf;
+ BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
+ char tmp[MAX_LEN];
+ char tmp2[MAX_LEN];
+ char * defgNid = NULL;
+
+ if ((user == NULL)||
+ (pass == NULL)||
+ (salt == NULL)||
+ (verifier == NULL))
+ goto err;
+
+ if (N)
+ {
+ if (!(len = t_fromb64(tmp,N))) goto err;
+ N_bn = BN_bin2bn(tmp,len,NULL);
+ if (!(len = t_fromb64(tmp,g))) goto err;
+ g_bn = BN_bin2bn(tmp,len,NULL);
+ defgNid = "*";
+ }
+ else
+ {
+ SRP_gN * gN = SRP_get_gN_by_id(g, NULL) ;
+ if (gN == NULL)
+ goto err;
+ N_bn = gN->N;
+ g_bn = gN->g;
+ defgNid = gN->id;
+ }
+
+ if (*salt == NULL)
+ {
+ RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
+
+ s = BN_bin2bn(tmp2,SRP_RANDOM_SALT_LEN,NULL);
+ }
+ else
+ {
+ if (!(len = t_fromb64(tmp2,*salt)))
+ goto err;
+ s = BN_bin2bn(tmp2,len,NULL);
+ }
+
+
+ if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err;
+
+ BN_bn2bin(v,tmp);
+ if (((vf = OPENSSL_malloc(BN_num_bytes(v)*2)) == NULL))
+ goto err;
+ t_tob64(vf,tmp,BN_num_bytes(v));
+
+ *verifier = vf;
+ if (*salt == NULL)
+ {
+ if ((*salt = (char *)OPENSSL_malloc(SRP_RANDOM_SALT_LEN*2)) == NULL)
+ {
+ OPENSSL_free(vf);
+ goto err;
+ }
+ t_tob64(*salt,tmp2,SRP_RANDOM_SALT_LEN);
+ }
+
+ result=defgNid;
+
+err:
+ if(N)
+ {
+ BN_free(N_bn);
+ BN_free(g_bn);
+ }
+ return result;
+ }
+
+/*
+ create a verifier (*salt,*verifier,g and N are BIGNUMs)
+*/
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
+ {
+ int result=0;
+ BIGNUM *x = NULL;
+ BN_CTX *bn_ctx = BN_CTX_new();
+ char tmp2[MAX_LEN];
+
+ if ((user == NULL)||
+ (pass == NULL)||
+ (salt == NULL)||
+ (verifier == NULL)||
+ (N == NULL)||
+ (g == NULL)||
+ (bn_ctx == NULL))
+ goto err;
+
+ srp_bn_print(N);
+ srp_bn_print(g);
+
+ if (*salt == NULL)
+ {
+ RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
+
+ *salt = BN_bin2bn(tmp2,SRP_RANDOM_SALT_LEN,NULL);
+ }
+
+ x = SRP_Calc_x(*salt,user,pass);
+
+ *verifier = BN_new();
+ if(*verifier == NULL) goto err;
+
+ if (!BN_mod_exp(*verifier,g,x,N,bn_ctx))
+ {
+ BN_clear_free(*verifier);
+ goto err;
+ }
+
+ srp_bn_print(*verifier);
+
+ result=1;
+
+err:
+
+ BN_clear_free(x);
+ BN_CTX_free(bn_ctx);
+ return result;
+ }
+
+
+
+#endif
diff -ruN openssl-SNAP-20091218-orig/crypto/stack/safestack.h openssl-SNAP-20091218-srp/crypto/stack/safestack.h
--- openssl-SNAP-20091218-orig/crypto/stack/safestack.h 2009-07-27 22:00:50.000000000 +0000
+++ openssl-SNAP-20091218-srp/crypto/stack/safestack.h 2009-12-18 20:33:30.000000000 +0000
@@ -1458,6 +1458,66 @@
#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))

+#define sk_SRP_gN_new(st) SKM_sk_new(SRP_gN, (st))
+#define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
+#define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
+#define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
+#define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
+#define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
+#define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
+#define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
+#define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
+#define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
+#define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
+#define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
+#define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
+#define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
+#define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
+#define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
+#define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
+#define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
+#define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
+
+#define sk_SRP_gN_cache_new(st) SKM_sk_new(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
+#define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
+#define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
+#define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
+#define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
+#define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
+#define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
+#define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
+#define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
+#define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
+
+#define sk_SRP_user_pwd_new(st) SKM_sk_new(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
+#define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
+#define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
+#define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
+#define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
+#define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
+#define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
+#define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
+#define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
+#define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
+
#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
diff -ruN openssl-SNAP-20091218-orig/Makefile.org openssl-SNAP-20091218-srp/Makefile.org
--- openssl-SNAP-20091218-orig/Makefile.org 2009-10-16 00:00:17.000000000 +0000
+++ openssl-SNAP-20091218-srp/Makefile.org 2009-12-18 20:33:30.000000000 +0000
@@ -121,7 +121,7 @@
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- cms pqueue ts jpake store
+ cms pqueue ts jpake srp store
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...

diff -ruN openssl-SNAP-20091218-orig/ssl/Makefile openssl-SNAP-20091218-srp/ssl/Makefile
--- openssl-SNAP-20091218-orig/ssl/Makefile 2009-11-09 20:01:01.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/Makefile 2009-12-18 20:34:18.000000000 +0000
@@ -30,7 +30,7 @@
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c \
- bio_ssl.c ssl_err.c kssl.c t1_reneg.c
+ bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c
LIBOBJ= \
s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \
@@ -41,7 +41,7 @@
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o \
- bio_ssl.o ssl_err.o kssl.o t1_reneg.o
+ bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o

SRC= $(LIBSRC)

diff -ruN openssl-SNAP-20091218-orig/ssl/s3_clnt.c openssl-SNAP-20091218-srp/ssl/s3_clnt.c
--- openssl-SNAP-20091218-orig/ssl/s3_clnt.c 2009-12-08 14:00:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/s3_clnt.c 2009-12-18 20:33:30.000000000 +0000
@@ -278,6 +278,20 @@
case SSL3_ST_CR_SRVR_HELLO_A:
case SSL3_ST_CR_SRVR_HELLO_B:
ret=ssl3_get_server_hello(s);
+#ifndef OPENSSL_NO_SRP
+ if ((ret == 0) && (s->s3->warn_alert == SSL_AD_MISSING_SRP_USERNAME))
+ {
+ if (!SRP_have_to_put_srp_username(s))
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_MISSING_SRP_USERNAME);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_USER_CANCELLED);
+ goto end;
+ }
+ s->state=SSL3_ST_CW_CLNT_HELLO_A;
+ if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
+ break;
+ }
+#endif
if (ret <= 0) goto end;

if (s->hit)
@@ -359,6 +373,17 @@
case SSL3_ST_CR_SRVR_DONE_B:
ret=ssl3_get_server_done(s);
if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_SRP
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP)
+ {
+ if ((ret = SRP_Calc_A_param(s))<=0)
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_SRP_A_CALC);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+ goto end;
+ }
+ }
+#endif
if (s->s3->tmp.cert_req)
s->state=SSL3_ST_CW_CERT_A;
else
@@ -1260,6 +1285,86 @@
}
else
#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP)
+ {
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_N_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.N=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_G_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.g=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ i = (unsigned int)(p[0]);
+ p++;
+ param_len+=i+1;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_S_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.s=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_B_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.B=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+ n-=param_len;
+
+/* We must check if there is a certificate */
+#ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+#else
+ if (0)
+ ;
+#endif
+#ifndef OPENSSL_NO_DSA
+ else if (alg_a & SSL_aDSS)
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
+#endif
+ }
+ else
+#endif /* !OPENSSL_NO_SRP */
#ifndef OPENSSL_NO_RSA
if (alg_k & SSL_kRSA)
{
@@ -2528,6 +2633,39 @@
EVP_PKEY_free(pub_key);

}
+#ifndef OPENSSL_NO_SRP
+ else if (alg_k & SSL_kSRP)
+ {
+ if (s->srp_ctx.A != NULL)
+ {
+ /* send off the data */
+ n=BN_num_bytes(s->srp_ctx.A);
+ s2n(n,p);
+ BN_bn2bin(s->srp_ctx.A,p);
+ n+=2;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length = SRP_generate_client_master_secret(s,s->session->master_key))<0)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+#endif
#ifndef OPENSSL_NO_PSK
else if (alg_k & SSL_kPSK)
{
diff -ruN openssl-SNAP-20091218-orig/ssl/s3_lib.c openssl-SNAP-20091218-srp/ssl/s3_lib.c
--- openssl-SNAP-20091218-orig/ssl/s3_lib.c 2009-10-16 16:01:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/s3_lib.c 2009-12-18 20:33:30.000000000 +0000
@@ -2012,6 +2012,152 @@
},
#endif /* OPENSSL_NO_ECDH */

+#ifndef OPENSSL_NO_SRP
+ /* Cipher C01A */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 168,
+ 168,
+ },
+
+ /* Cipher C01B */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 168,
+ 168,
+ },
+
+ /* Cipher C01C */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 168,
+ 168,
+ },
+
+ /* Cipher C01D */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01E */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01F */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C020 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C021 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C022 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_SRP */
+
#ifdef TEMP_GOST_TLS
/* Cipher FF00 */
{
@@ -2128,6 +2274,9 @@

s->s3=s3;

+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_init(s);
+#endif
s->method->ssl_clear(s);
return(1);
err:
@@ -2168,6 +2317,9 @@
BIO_free(s->s3->handshake_buffer);
}
if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_free(s);
+#endif
OPENSSL_cleanse(s->s3,sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3=NULL;
@@ -2232,6 +2384,13 @@
s->version=SSL3_VERSION;
}

+#ifndef OPENSSL_NO_SRP
+static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
+ {
+ return BUF_strdup(s->srp_ctx.info) ;
+ }
+#endif
+
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
{
int ret=0;
@@ -2709,6 +2868,38 @@
return 1;
break;

+#ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ if (ctx->srp_ctx.login != NULL)
+ OPENSSL_free(ctx->srp_ctx.login);
+ ctx->srp_ctx.login = NULL;
+ if (parg == NULL)
+ break;
+ if (strlen((char *)parg) > 254)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
+ return 0;
+ }
+ if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
+ ctx->srp_ctx.info=parg;
+ break;
+ case SSL_CTRL_SET_SRP_ARG:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_cb_arg=parg;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
+ ctx->srp_ctx.strength=larg;
+ break;
+#endif
#endif /* !OPENSSL_NO_TLSEXT */

/* A Thawte special :-) */
@@ -2778,6 +2969,24 @@
HMAC_CTX *, int))fp;
break;

+#ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
+ break;
+ case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback=(char *(*)(SSL *,void *))fp;
+ break;
+#endif
#endif
default:
return(0);
@@ -2878,6 +3087,10 @@
mask_a = cert->mask_a;
emask_k = cert->export_mask_k;
emask_a = cert->export_mask_a;
+#ifndef OPENSSL_NO_SRP
+ mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
+ emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
+#endif

#ifdef KSSL_DEBUG
/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
diff -ruN openssl-SNAP-20091218-orig/ssl/s3_pkt.c openssl-SNAP-20091218-srp/ssl/s3_pkt.c
--- openssl-SNAP-20091218-orig/ssl/s3_pkt.c 2009-12-09 16:01:31.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/s3_pkt.c 2009-12-18 20:51:22.000000000 +0000
@@ -1202,6 +1202,10 @@
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_NO_RENEGOTIATION);
goto f_err;
}
+#ifdef SSL_AD_MISSING_SRP_USERNAME
+ else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
+ return(0);
+#endif
}
else if (alert_level == 2) /* fatal */
{
diff -ruN openssl-SNAP-20091218-orig/ssl/s3_srvr.c openssl-SNAP-20091218-srp/ssl/s3_srvr.c
--- openssl-SNAP-20091218-orig/ssl/s3_srvr.c 2009-12-08 14:00:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/s3_srvr.c 2009-12-18 20:33:30.000000000 +0000
@@ -179,6 +179,31 @@
return(NULL);
}

+#ifndef OPENSSL_NO_SRP
+int SSL_check_srp_ext_ClientHello(SSL *s,int *ad)
+ {
+ int ret = SSL_ERROR_NONE;
+
+ *ad = SSL_AD_UNRECOGNIZED_NAME;
+
+ if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
+ (s->srp_ctx.TLS_ext_srp_username_callback != NULL))
+ {
+ if(s->srp_ctx.login == NULL)
+ {
+ /* There isn't any srp login extension !!! */
+ ret = SSL3_AL_WARNING;
+ *ad = SSL_AD_MISSING_SRP_USERNAME;
+ }
+ else
+ {
+ ret = SSL_srp_server_param_with_username(s,ad);
+ }
+ }
+ return ret;
+ }
+#endif
+
IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
ssl3_accept,
ssl_undefined_function,
@@ -192,6 +217,9 @@
long num1;
int ret= -1;
int new_state,state,skip=0;
+#ifndef OPENSSL_NO_SRP
+ int srp_no_username =0;
+#endif

RAND_add(&Time,sizeof(Time),0);
ERR_clear_error();
@@ -300,10 +328,35 @@
case SSL3_ST_SR_CLNT_HELLO_A:
case SSL3_ST_SR_CLNT_HELLO_B:
case SSL3_ST_SR_CLNT_HELLO_C:
+#ifndef OPENSSL_NO_SRP
+ case SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME:
+#endif

s->shutdown=0;
ret=ssl3_get_client_hello(s);
if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_SRP
+ int extension_error = 0,al;
+
+ if ((al = SSL_check_srp_ext_ClientHello(s,&extension_error)) != SSL_ERROR_NONE)
+ {
+ ssl3_send_alert(s,al,extension_error);
+ if (extension_error == SSL_AD_MISSING_SRP_USERNAME)
+ {
+ if (srp_no_username) goto end;
+ ERR_clear_error();
+ srp_no_username = 1;
+ s->state=SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME;
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+ if ((ret=BIO_flush(s->wbio)) <= 0) goto end;
+ s->init_num=0;
+ break;
+ }
+ ret = -1;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+ goto end;
+ }
+#endif

s->new_session = 2;
s->state=SSL3_ST_SW_SRVR_HELLO_A;
@@ -334,7 +387,7 @@
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
/* Check if it is anon DH or anon ECDH, */
- /* normal PSK or KRB5 */
+ /* normal PSK or KRB5 or SRP */
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
&& !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
@@ -399,6 +452,10 @@
#ifndef OPENSSL_NO_PSK
|| ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
#endif
+#ifndef OPENSSL_NO_SRP
+ /* SRP: send ServerKeyExchange */
+ || (alg_k & SSL_kSRP)
+#endif
|| (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
|| (alg_k & SSL_kEECDH)
|| ((alg_k & SSL_kRSA)
@@ -782,7 +839,11 @@
* If we are SSLv3, we will respond with SSLv3, even if prompted with
* TLSv1.
*/
- if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
+ if (s->state == SSL3_ST_SR_CLNT_HELLO_A
+#ifndef OPENSSL_NO_SRP
+ || (s->state == SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME)
+#endif
+ )
{
s->state=SSL3_ST_SR_CLNT_HELLO_B;
}
@@ -1589,14 +1650,37 @@
}
else
#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (type & SSL_kSRP)
+ {
+ if ((s->srp_ctx.N == NULL) ||
+ (s->srp_ctx.g == NULL) ||
+ (s->srp_ctx.s == NULL) ||
+ (s->srp_ctx.B == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_SRP_PARAM);
+ goto err;
+ }
+ r[0]=s->srp_ctx.N;
+ r[1]=s->srp_ctx.g;
+ r[2]=s->srp_ctx.s;
+ r[3]=s->srp_ctx.B;
+ }
+ else
+#endif
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
goto f_err;
}
- for (i=0; r[i] != NULL; i++)
+ for (i=0; r[i] != NULL && i<4; i++)
{
nr[i]=BN_num_bytes(r[i]);
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP))
+ n+=1+nr[i];
+ else
+#endif
n+=2+nr[i];
}

@@ -1625,8 +1709,16 @@
d=(unsigned char *)s->init_buf->data;
p= &(d[4]);

- for (i=0; r[i] != NULL; i++)
+ for (i=0; r[i] != NULL && i<4; i++)
{
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP))
+ {
+ *p = nr[i];
+ p++;
+ }
+ else
+#endif
s2n(nr[i],p);
BN_bn2bin(r[i],p);
p+=nr[i];
@@ -2503,6 +2595,44 @@
}
else
#endif
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP)
+ {
+ int param_len;
+
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_A_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.A=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length = SRP_generate_server_master_secret(s,s->session->master_key))<0)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ p+=i;
+ }
+ else
+#endif /* OPENSSL_NO_SRP */
if (alg_k & SSL_kGOST)
{
int ret = 0;
@@ -2579,7 +2709,7 @@
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH)
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || #defined(OPENSSL_NO_SRP)
err:
#endif
#ifndef OPENSSL_NO_ECDH
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl3.h openssl-SNAP-20091218-srp/ssl/ssl3.h
--- openssl-SNAP-20091218-orig/ssl/ssl3.h 2009-12-16 21:01:04.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl3.h 2009-12-18 20:33:30.000000000 +0000
@@ -568,6 +568,8 @@
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
+/* a new state to remember that we have already receive a ClientHello without srp username extension */
+#define SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME (0x1E2|SSL_ST_ACCEPT)
/* write to client */
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_asn1.c openssl-SNAP-20091218-srp/ssl/ssl_asn1.c
--- openssl-SNAP-20091218-orig/ssl/ssl_asn1.c 2009-10-30 15:00:41.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_asn1.c 2009-12-18 20:33:30.000000000 +0000
@@ -114,6 +114,9 @@
ASN1_OCTET_STRING psk_identity_hint;
ASN1_OCTET_STRING psk_identity;
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ ASN1_OCTET_STRING srp_username;
+#endif /* OPENSSL_NO_SRP */
} SSL_SESSION_ASN1;

int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
@@ -130,6 +133,9 @@
unsigned char cbuf;
int v11=0;
#endif
+#ifndef OPENSSL_NO_SRP
+ int v12=0;
+#endif
long l;
SSL_SESSION_ASN1 a;
M_ASN1_I2D_vars(in);
@@ -267,6 +273,14 @@
a.psk_identity.data=(unsigned char *)(in->psk_identity);
}
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ {
+ a.srp_username.length=strlen(in->srp_username);
+ a.srp_username.type=V_ASN1_OCTET_STRING;
+ a.srp_username.data=(unsigned char *)(in->srp_username);
+ }
+#endif /* OPENSSL_NO_SRP */

M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
@@ -307,6 +321,10 @@
if (in->psk_identity)
M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8);
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING,12,v12);
+#endif /* OPENSSL_NO_SRP */

M_ASN1_I2D_seq_total();

@@ -351,6 +369,10 @@
if (in->compress_meth)
M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING,11,v11);
#endif
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING,12,v12);
+#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_finish();
}

@@ -589,5 +611,20 @@
}
#endif

+#ifndef OPENSSL_NO_SRP
+ os.length=0;
+ os.data=NULL;
+ M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,11);
+ if (os.data)
+ {
+ ret->srp_username = BUF_strndup((char *)os.data, os.length);
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
+ }
+ else
+ ret->srp_username=NULL;
+#endif /* OPENSSL_NO_SRP */
+
M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
}
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_ciph.c openssl-SNAP-20091218-srp/ssl/ssl_ciph.c
--- openssl-SNAP-20091218-orig/ssl/ssl_ciph.c 2009-09-13 00:00:20.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_ciph.c 2009-12-18 20:33:30.000000000 +0000
@@ -247,6 +247,7 @@
{0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},

{0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0},

/* server authentication aliases */
@@ -273,6 +274,7 @@
{0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
+ {0,SSL_TXT_SRP,0, SSL_kSRP,0,0,0,0,0,0,0,0},

/* symmetric encryption aliases */
@@ -661,6 +663,9 @@
*mkey |= SSL_kPSK;
*auth |= SSL_aPSK;
#endif
+#ifdef OPENSSL_NO_SRP
+ *mkey |= SSL_kSRP;
+#endif
/* Check for presence of GOST 34.10 algorithms, and if they
* do not present, disable appropriate auth and key exchange */
if (!get_optional_pkey_id("gost94")) {
@@ -1513,6 +1518,9 @@
case SSL_kPSK:
kx="PSK";
break;
+ case SSL_kSRP:
+ kx="SRP";
+ break;
default:
kx="unknown";
}
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_err.c openssl-SNAP-20091218-srp/ssl/ssl_err.c
--- openssl-SNAP-20091218-orig/ssl/ssl_err.c 2009-12-09 16:01:31.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_err.c 2009-12-18 20:33:30.000000000 +0000
@@ -250,6 +250,7 @@
{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
{ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
{ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
+{ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_INIT"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION), "SSL_UNDEFINED_VOID_FUNCTION"},
@@ -311,6 +312,11 @@
{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH),"bad rsa modulus length"},
{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) ,"bad rsa signature"},
{ERR_REASON(SSL_R_BAD_SIGNATURE) ,"bad signature"},
+{ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) ,"bad srp a length"},
+{ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) ,"bad srp b length"},
+{ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) ,"bad srp g length"},
+{ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) ,"bad srp n length"},
+{ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) ,"bad srp s length"},
{ERR_REASON(SSL_R_BAD_SSL_FILETYPE) ,"bad ssl filetype"},
{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"},
{ERR_REASON(SSL_R_BAD_STATE) ,"bad state"},
@@ -327,6 +333,7 @@
{ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH),"cipher code wrong length"},
{ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),"cipher or hash unavailable"},
{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
+{ERR_REASON(SSL_R_CLIENTHELLO_SRP_TLS_EXT),"error with the SRP username"},
{ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) ,"clienthello tlsext"},
{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
{ERR_REASON(SSL_R_COMPRESSION_FAILURE) ,"compression failure"},
@@ -360,6 +367,7 @@
{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"},
{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"},
{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid purpose"},
+{ERR_REASON(SSL_R_INVALID_SRP_USERNAME) ,"invalid srp username"},
{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"},
{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"},
{ERR_REASON(SSL_R_INVALID_TRUST) ,"invalid trust"},
@@ -389,6 +397,8 @@
{ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE),"missing rsa certificate"},
{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),"missing rsa encrypting cert"},
{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT),"missing rsa signing cert"},
+{ERR_REASON(SSL_R_MISSING_SRP_PARAM) ,"can't find SRP server param"},
+{ERR_REASON(SSL_R_MISSING_SRP_USERNAME) ,"missing srp username"},
{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) ,"missing tmp dh key"},
{ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) ,"missing tmp ecdh key"},
{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) ,"missing tmp rsa key"},
@@ -458,6 +468,7 @@
{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
{ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
+{ERR_REASON(SSL_R_SRP_A_CALC) ,"error with the srp params"},
{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),"ssl3 ext invalid ecpointformat"},
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl.h openssl-SNAP-20091218-srp/ssl/ssl.h
--- openssl-SNAP-20091218-orig/ssl/ssl.h 2009-12-16 21:01:04.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl.h 2009-12-18 20:33:30.000000000 +0000
@@ -252,6 +252,7 @@
#define SSL_TXT_kEECDH "kEECDH"
#define SSL_TXT_kPSK "kPSK"
#define SSL_TXT_kGOST "kGOST"
+#define SSL_TXT_kSRP "kSRP"

#define SSL_TXT_aRSA "aRSA"
#define SSL_TXT_aDSS "aDSS"
@@ -275,6 +276,7 @@
#define SSL_TXT_ECDSA "ECDSA"
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_PSK "PSK"
+#define SSL_TXT_SRP "SRP"

#define SSL_TXT_DES "DES"
#define SSL_TXT_3DES "3DES"
@@ -437,6 +439,7 @@
* ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format list from TLS extension
* PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
* PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
+ * SRP_username [ 11 ] EXPLICIT OCTET STRING -- optional SRP username
* }
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
@@ -468,6 +471,9 @@
char *psk_identity_hint;
char *psk_identity;
#endif
+#ifndef OPENSSL_NO_SRP
+ char *srp_username;
+#endif
int not_resumable;

/* The cert is the certificate used to establish this connection */
@@ -644,7 +650,42 @@
#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))

+#ifndef OPENSSL_NO_SRP
+
+typedef struct srp_ctx_st
+ {
+ /* param for all the callbacks */
+ void *SRP_cb_arg;
+ /* set client Hello login callback */
+ int (*TLS_ext_srp_username_callback)(SSL *, int *, void *);
+ /* set SRP N/g param callback for verification */
+ int (*SRP_verify_param_callback)(SSL *, void *);
+ /* set SRP client passwd callback */
+ char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
+ /* set SRP client username callback */
+ char *(*SRP_TLS_ext_missing_srp_client_username_callback)(SSL *, void *);
+
+ char *login;
+ BIGNUM *N,*g,*s,*B,*A;
+ BIGNUM *a,*b,*v;
+ char *info;
+ int strength;
+
+ unsigned long srp_Mask;
+ } SRP_CTX;
+
+/* see tls_srp.c */
+int SSL_SRP_CTX_init(SSL *s);
+int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+int SSL_srp_server_param_with_username(SSL *s, int *ad);
+int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key);
+int SRP_Calc_A_param(SSL *s);
+int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
+int SRP_have_to_put_srp_username(SSL *s);

+#endif

#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
@@ -863,6 +904,10 @@
unsigned char *psk, unsigned int max_psk_len);
#endif

+#ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
+
#ifndef OPENSSL_NO_BUF_FREELISTS
#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
unsigned int freelist_max_len;
@@ -1110,6 +1155,10 @@
unsigned char *psk, unsigned int max_psk_len);
#endif

+#ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
+
SSL_CTX *ctx;
/* set this flag to 1 and a sleep(1) is put into all SSL_read()
* and SSL_write() calls, good for nbio debuging :-) */
@@ -1327,6 +1376,8 @@
#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
+#define SSL_AD_UNKNOWN_SRP_USERNAME TLS1_AD_UNKNOWN_SRP_USERNAME
+#define SSL_AD_MISSING_SRP_USERNAME TLS1_AD_MISSING_SRP_USERNAME

#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
@@ -1410,6 +1461,15 @@
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71

#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+
+#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
+#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
+#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
+#define SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB 78
+#define SSL_CTRL_SET_SRP_ARG 79
+#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 80
+#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 81
+#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 82
#endif

#define DTLS_CTRL_GET_TIMEOUT 73
@@ -1614,6 +1674,26 @@
int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);

+#ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *,void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, int (*cb)(SSL *,int *,void *));
+int SSL_CTX_set_srp_missing_srp_username_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s,BIGNUM *N,BIGNUM *g,BIGNUM *sa,BIGNUM *v,char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp);
+
+BIGNUM *SSL_get_srp_g(SSL *s);
+BIGNUM *SSL_get_srp_N(SSL *s);
+
+char *SSL_get_srp_username(SSL *s);
+char *SSL_get_srp_userinfo(SSL *s);
+#endif
+
void SSL_free(SSL *ssl);
int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
@@ -2001,6 +2081,7 @@
#define SSL_F_SSL_SET_TRUST 228
#define SSL_F_SSL_SET_WFD 196
#define SSL_F_SSL_SHUTDOWN 224
+#define SSL_F_SSL_SRP_CTX_INIT 293
#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
#define SSL_F_SSL_UNDEFINED_FUNCTION 197
#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
@@ -2059,6 +2140,11 @@
#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
#define SSL_R_BAD_RSA_SIGNATURE 122
#define SSL_R_BAD_SIGNATURE 123
+#define SSL_R_BAD_SRP_A_LENGTH 2096
+#define SSL_R_BAD_SRP_B_LENGTH 2097
+#define SSL_R_BAD_SRP_G_LENGTH 2098
+#define SSL_R_BAD_SRP_N_LENGTH 2099
+#define SSL_R_BAD_SRP_S_LENGTH 2100
#define SSL_R_BAD_SSL_FILETYPE 124
#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
#define SSL_R_BAD_STATE 126
@@ -2075,6 +2161,7 @@
#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
+#define SSL_R_CLIENTHELLO_SRP_TLS_EXT 2101
#define SSL_R_CLIENTHELLO_TLSEXT 226
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
#define SSL_R_COMPRESSION_FAILURE 141
@@ -2108,6 +2195,7 @@
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_PURPOSE 278
+#define SSL_R_INVALID_SRP_USERNAME 2107
#define SSL_R_INVALID_STATUS_RESPONSE 328
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
#define SSL_R_INVALID_TRUST 279
@@ -2137,6 +2225,8 @@
#define SSL_R_MISSING_RSA_CERTIFICATE 168
#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
#define SSL_R_MISSING_RSA_SIGNING_CERT 170
+#define SSL_R_MISSING_SRP_PARAM 2103
+#define SSL_R_MISSING_SRP_USERNAME 2104
#define SSL_R_MISSING_TMP_DH_KEY 171
#define SSL_R_MISSING_TMP_ECDH_KEY 311
#define SSL_R_MISSING_TMP_RSA_KEY 172
@@ -2206,6 +2296,7 @@
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
#define SSL_R_SHORT_READ 219
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+#define SSL_R_SRP_A_CALC 2105
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_lib.c openssl-SNAP-20091218-srp/ssl/ssl_lib.c
--- openssl-SNAP-20091218-orig/ssl/ssl_lib.c 2009-12-16 21:01:04.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_lib.c 2009-12-18 20:33:30.000000000 +0000
@@ -1639,6 +1639,9 @@
ret->psk_client_callback=NULL;
ret->psk_server_callback=NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_init(ret);
+#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
@@ -1771,6 +1774,9 @@
if (a->psk_identity_hint)
OPENSSL_free(a->psk_identity_hint);
#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_free(a);
+#endif
#ifndef OPENSSL_NO_ENGINE
if (a->client_cert_engine)
ENGINE_finish(a->client_cert_engine);
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_locl.h openssl-SNAP-20091218-srp/ssl/ssl_locl.h
--- openssl-SNAP-20091218-orig/ssl/ssl_locl.h 2009-12-08 12:01:08.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_locl.h 2009-12-18 20:33:30.000000000 +0000
@@ -289,6 +289,7 @@
#define SSL_kEECDH 0x00000080L /* ephemeral ECDH */
#define SSL_kPSK 0x00000100L /* PSK */
#define SSL_kGOST 0x00000200L /* GOST key exchange */
+#define SSL_kSRP 0x00000400L /* SRP */

/* Bits for algorithm_auth (server authentication) */
#define SSL_aRSA 0x00000001L /* RSA auth */
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_sess.c openssl-SNAP-20091218-srp/ssl/ssl_sess.c
--- openssl-SNAP-20091218-orig/ssl/ssl_sess.c 2009-12-07 14:00:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_sess.c 2009-12-18 20:33:30.000000000 +0000
@@ -218,6 +218,9 @@
ss->psk_identity_hint=NULL;
ss->psk_identity=NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ ss->srp_username=NULL;
+#endif
return(ss);
}

@@ -734,6 +737,10 @@
if (ss->psk_identity != NULL)
OPENSSL_free(ss->psk_identity);
#endif
+#ifndef OPENSSL_NO_SRP
+ if (ss->srp_username != NULL)
+ OPENSSL_free(ss->srp_username);
+#endif
OPENSSL_cleanse(ss,sizeof(*ss));
OPENSSL_free(ss);
}
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_stat.c openssl-SNAP-20091218-srp/ssl/ssl_stat.c
--- openssl-SNAP-20091218-orig/ssl/ssl_stat.c 2008-04-29 17:00:22.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_stat.c 2009-12-18 20:33:30.000000000 +0000
@@ -210,6 +210,9 @@
case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
+#ifndef OPENSSL_NO_SRP
+case SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME: str="SSLv3 waiting for a SRP username"; break;
+#endif
#endif

#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
@@ -536,6 +539,11 @@
case TLS1_AD_UNKNOWN_PSK_IDENTITY:
str="unknown PSK identity";
break;
+#ifndef OPENSSL_NO_SRP
+ case TLS1_AD_MISSING_SRP_USERNAME:
+ str="no srp username";
+ break;
+#endif
default: str="unknown"; break;
}
return(str);
diff -ruN openssl-SNAP-20091218-orig/ssl/ssltest.c openssl-SNAP-20091218-srp/ssl/ssltest.c
--- openssl-SNAP-20091218-orig/ssl/ssltest.c 2009-01-08 00:01:07.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssltest.c 2009-12-18 20:33:30.000000000 +0000
@@ -178,6 +178,9 @@
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
+#ifndef OPENSSL_NO_SRP
+#include <openssl/srp.h>
+#endif
#include <openssl/bn.h>

#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
@@ -243,6 +246,55 @@
unsigned int max_psk_len);
#endif

+#ifndef OPENSSL_NO_SRP
+/* SRP client */
+/* This is a context that we pass to all callbacks */
+typedef struct srp_client_arg_st
+ {
+ char *srppassin;
+ char *srplogin;
+ } SRP_CLIENT_ARG;
+
+#define PWD_STRLEN 1024
+
+static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+ {
+ SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
+ return BUF_strdup((char *)srp_client_arg->srppassin);
+ }
+
+static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg)
+ {
+ SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
+ return BUF_strdup(srp_client_arg->srplogin);
+ }
+
+/* SRP server */
+/* This is a context that we pass to SRP server callbacks */
+typedef struct srp_server_arg_st
+ {
+ char *expected_user;
+ char *pass;
+ } SRP_SERVER_ARG;
+
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+ {
+ SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
+
+ if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
+ {
+ fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
+ return SSL3_AL_FATAL;
+ }
+ if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
+ {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ return SSL3_AL_FATAL;
+ }
+ return SSL_ERROR_NONE;
+ }
+#endif
+
static BIO *bio_err=NULL;
static BIO *bio_stdout=NULL;

@@ -286,6 +338,10 @@
#ifndef OPENSSL_NO_PSK
fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
#endif
+#ifndef OPENSSL_NO_SRP
+ fprintf(stderr," -srpuser user - SRP username to use\n");
+ fprintf(stderr," -srppass arg - password for 'user'\n");
+#endif
#ifndef OPENSSL_NO_SSL2
fprintf(stderr," -ssl2 - use SSLv2\n");
#endif
@@ -473,6 +529,13 @@
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh = NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ /* client */
+ int srp_lateuser = 0;
+ SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
+ /* server */
+ SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
+#endif
int no_dhe = 0;
int no_ecdhe = 0;
int no_psk = 0;
@@ -569,6 +632,20 @@
no_psk=1;
#endif
}
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv,"-srpuser") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
+ tls1=1;
+ }
+ else if (strcmp(*argv,"-srppass") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
+ tls1=1;
+ }
+#endif
else if (strcmp(*argv,"-ssl2") == 0)
ssl2=1;
else if (strcmp(*argv,"-tls1") == 0)
@@ -937,6 +1014,28 @@
}
#endif
}
+#ifndef OPENSSL_NO_SRP
+ if (srp_client_arg.srplogin)
+ {
+ if (srp_lateuser)
+ SSL_CTX_set_srp_missing_srp_username_callback(c_ctx,missing_srp_username_callback);
+ else if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
+ {
+ BIO_printf(bio_err,"Unable to set SRP username\n");
+ goto end;
+ }
+ SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
+ SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
+ /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
+ }
+
+ if (srp_server_arg.expected_user != NULL)
+ {
+ SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
+ SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
+ SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
+ }
+#endif

c_ssl=SSL_new(c_ctx);
s_ssl=SSL_new(s_ctx);
diff -ruN openssl-SNAP-20091218-orig/ssl/ssl_txt.c openssl-SNAP-20091218-srp/ssl/ssl_txt.c
--- openssl-SNAP-20091218-orig/ssl/ssl_txt.c 2009-12-07 14:00:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/ssl_txt.c 2009-12-18 20:33:30.000000000 +0000
@@ -189,6 +189,10 @@
if (BIO_puts(bp,"\n PSK identity hint: ") <= 0) goto err;
if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0) goto err;
#endif
+#ifndef OPENSSL_NO_SRP
+ if (BIO_puts(bp,"\n SRP username: ") <= 0) goto err;
+ if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0) goto err;
+#endif
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint)
{
diff -ruN openssl-SNAP-20091218-orig/ssl/t1_enc.c openssl-SNAP-20091218-srp/ssl/t1_enc.c
--- openssl-SNAP-20091218-orig/ssl/t1_enc.c 2009-12-07 14:00:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/t1_enc.c 2009-12-18 20:33:30.000000000 +0000
@@ -1025,6 +1025,9 @@
case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
+#ifndef OPENSSL_NO_SRP
+ case SSL_AD_MISSING_SRP_USERNAME:return(TLS1_AD_MISSING_SRP_USERNAME);
+#endif
#if 0 /* not appropriate for TLS, not used for DTLS */
case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return
(DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
diff -ruN openssl-SNAP-20091218-orig/ssl/t1_lib.c openssl-SNAP-20091218-srp/ssl/t1_lib.c
--- openssl-SNAP-20091218-orig/ssl/t1_lib.c 2009-12-17 16:00:58.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/t1_lib.c 2009-12-18 20:33:30.000000000 +0000
@@ -340,6 +340,30 @@
ret += el;
}

+#ifndef OPENSSL_NO_SRP
+#define MIN(x,y) (((x)<(y))?(x):(y))
+ /* we add SRP username the first time only if we have one! */
+ if (s->srp_ctx.login != NULL)
+ {/* Add TLS extension SRP username to the Client Hello message */
+ int login_len = MIN(strlen(s->srp_ctx.login) + 1, 255);
+ long lenmax;
+
+ if ((lenmax = limit - ret - 5) < 0) return NULL;
+ if (login_len > lenmax) return NULL;
+ if (login_len > 255)
+ {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ s2n(TLSEXT_TYPE_srp,ret);
+ s2n(login_len+1,ret);
+
+ (*ret++) = (unsigned char) MIN(strlen(s->srp_ctx.login), 254);
+ memcpy(ret, s->srp_ctx.login, MIN(strlen(s->srp_ctx.login), 254));
+ ret+=login_len;
+ }
+#endif
+
#ifndef OPENSSL_NO_EC
if (s->tlsext_ecpointformatlist != NULL &&
s->version != DTLS1_VERSION)
@@ -751,6 +775,19 @@
}

}
+#ifndef OPENSSL_NO_SRP
+ else if (type == TLSEXT_TYPE_srp)
+ {
+ if (size > 0)
+ {
+ len = data[0];
+ if ((s->srp_ctx.login = OPENSSL_malloc(len+1)) == NULL)
+ return -1;
+ memcpy(s->srp_ctx.login, &data[1], len);
+ s->srp_ctx.login[len]='\0';
+ }
+ }
+#endif

#ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats &&
diff -ruN openssl-SNAP-20091218-orig/ssl/tls1.h openssl-SNAP-20091218-srp/ssl/tls1.h
--- openssl-SNAP-20091218-orig/ssl/tls1.h 2009-12-07 14:00:27.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/tls1.h 2009-12-18 20:33:30.000000000 +0000
@@ -186,6 +186,8 @@
#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
+#define TLS1_AD_UNKNOWN_SRP_USERNAME 120 /* fatal */
+#define TLS1_AD_MISSING_SRP_USERNAME 121

/* ExtensionType values from RFC3546 / RFC4366 */
#define TLSEXT_TYPE_server_name 0
@@ -197,6 +199,8 @@
/* ExtensionType values from RFC4492 */
#define TLSEXT_TYPE_elliptic_curves 10
#define TLSEXT_TYPE_ec_point_formats 11
+/* ExtensionType value from RFC5054 */
+#define TLSEXT_TYPE_srp 12
#define TLSEXT_TYPE_session_ticket 35
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
#if 0 /* will have to be provided externally for now ,
@@ -380,6 +384,17 @@
#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019

+/* SRP ciphersuites from RFC 5054 */
+#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
+#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
+#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
+#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
+#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
+#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
+#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
+#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
+#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
+
/* XXX
* Inconsistency alert:
* The OpenSSL names of ciphers with ephemeral DH here include the string
@@ -447,6 +462,17 @@
#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"

+/* SRP ciphersuite from RFC 5054 */
+#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
+
/* Camellia ciphersuites from RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
diff -ruN openssl-SNAP-20091218-orig/ssl/tls_srp.c openssl-SNAP-20091218-srp/ssl/tls_srp.c
--- openssl-SNAP-20091218-orig/ssl/tls_srp.c 1970-01-01 00:00:00.000000000 +0000
+++ openssl-SNAP-20091218-srp/ssl/tls_srp.c 2009-12-18 20:33:30.000000000 +0000
@@ -0,0 +1,518 @@
+/* ssl/tls_srp.c */
+/* Written by Christophe Renou (christophe.renou@...) with
+ * the precious help of Peter Sylvester (peter.sylvester@...)
+ * for the EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@....
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@...). This product includes software written by Tim
+ * Hudson (tjh@...).
+ *
+ */
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SRP
+
+#include <openssl/rand.h>
+#include <openssl/srp.h>
+#include <openssl/err.h>
+
+int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
+ {
+ if (ctx == NULL)
+ return 0;
+ OPENSSL_free(ctx->srp_ctx.login);
+ BN_free(ctx->srp_ctx.N);
+ BN_free(ctx->srp_ctx.g);
+ BN_free(ctx->srp_ctx.s);
+ BN_free(ctx->srp_ctx.B);
+ BN_free(ctx->srp_ctx.A);
+ BN_free(ctx->srp_ctx.a);
+ BN_free(ctx->srp_ctx.b);
+ BN_free(ctx->srp_ctx.v);
+ ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
+ ctx->srp_ctx.SRP_cb_arg = NULL;
+ ctx->srp_ctx.SRP_verify_param_callback = NULL;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+ ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
+ ctx->srp_ctx.N = NULL;
+ ctx->srp_ctx.g = NULL;
+ ctx->srp_ctx.s = NULL;
+ ctx->srp_ctx.B = NULL;
+ ctx->srp_ctx.A = NULL;
+ ctx->srp_ctx.a = NULL;
+ ctx->srp_ctx.b = NULL;
+ ctx->srp_ctx.v = NULL;
+ ctx->srp_ctx.login = NULL;
+ ctx->srp_ctx.info = NULL;
+ ctx->srp_ctx.strength = SRP_MINIMAL_N;
+ ctx->srp_ctx.srp_Mask = 0;
+ return (1);
+ }
+
+int SSL_SRP_CTX_free(struct ssl_st *s)
+ {
+ if (s == NULL)
+ return 0;
+ OPENSSL_free(s->srp_ctx.login);
+ BN_free(s->srp_ctx.N);
+ BN_free(s->srp_ctx.g);
+ BN_free(s->srp_ctx.s);
+ BN_free(s->srp_ctx.B);
+ BN_free(s->srp_ctx.A);
+ BN_free(s->srp_ctx.a);
+ BN_free(s->srp_ctx.b);
+ BN_free(s->srp_ctx.v);
+ s->srp_ctx.TLS_ext_srp_username_callback = NULL;
+ s->srp_ctx.SRP_cb_arg = NULL;
+ s->srp_ctx.SRP_verify_param_callback = NULL;
+ s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+ s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
+ s->srp_ctx.N = NULL;
+ s->srp_ctx.g = NULL;
+ s->srp_ctx.s = NULL;
+ s->srp_ctx.B = NULL;
+ s->srp_ctx.A = NULL;
+ s->srp_ctx.a = NULL;
+ s->srp_ctx.b = NULL;
+ s->srp_ctx.v = NULL;
+ s->srp_ctx.login = NULL;
+ s->srp_ctx.info = NULL;
+ s->srp_ctx.strength = SRP_MINIMAL_N;
+ s->srp_ctx.srp_Mask = 0;
+ return (1);
+ }
+
+int SSL_SRP_CTX_init(struct ssl_st *s)
+ {
+ SSL_CTX *ctx;
+
+ if ((s == NULL) || ((ctx = s->ctx) == NULL))
+ return 0;
+ s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
+ /* set client Hello login callback */
+ s->srp_ctx.TLS_ext_srp_username_callback = ctx->srp_ctx.TLS_ext_srp_username_callback;
+ /* set SRP N/g param callback for verification */
+ s->srp_ctx.SRP_verify_param_callback = ctx->srp_ctx.SRP_verify_param_callback;
+ /* set SRP client passwd callback */
+ s->srp_ctx.SRP_give_srp_client_pwd_callback = ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
+ s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback;
+
+ s->srp_ctx.N = NULL;
+ s->srp_ctx.g = NULL;
+ s->srp_ctx.s = NULL;
+ s->srp_ctx.B = NULL;
+ s->srp_ctx.A = NULL;
+ s->srp_ctx.a = NULL;
+ s->srp_ctx.b = NULL;
+ s->srp_ctx.v = NULL;
+ s->srp_ctx.login = NULL;
+ s->srp_ctx.info = ctx->srp_ctx.info;
+ s->srp_ctx.strength = ctx->srp_ctx.strength;
+
+ if (((ctx->srp_ctx.N != NULL) &&
+ ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) ||
+ ((ctx->srp_ctx.g != NULL) &&
+ ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) ||
+ ((ctx->srp_ctx.s != NULL) &&
+ ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) ||
+ ((ctx->srp_ctx.B != NULL) &&
+ ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) ||
+ ((ctx->srp_ctx.A != NULL) &&
+ ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) ||
+ ((ctx->srp_ctx.a != NULL) &&
+ ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) ||
+ ((ctx->srp_ctx.v != NULL) &&
+ ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) ||
+ ((ctx->srp_ctx.b != NULL) &&
+ ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL)))
+ {
+ SSLerr(SSL_F_SSL_SRP_CTX_INIT,ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((ctx->srp_ctx.login != NULL) &&
+ ((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL))
+ {
+ SSLerr(SSL_F_SSL_SRP_CTX_INIT,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;
+
+ return (1);
+err:
+ OPENSSL_free(s->srp_ctx.login);
+ BN_free(s->srp_ctx.N);
+ BN_free(s->srp_ctx.g);
+ BN_free(s->srp_ctx.s);
+ BN_free(s->srp_ctx.B);
+ BN_free(s->srp_ctx.A);
+ BN_free(s->srp_ctx.a);
+ BN_free(s->srp_ctx.b);
+ BN_free(s->srp_ctx.v);
+ return (0);
+ }
+
+int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
+ {
+ if (ctx == NULL)
+ return 0;
+
+ ctx->srp_ctx.SRP_cb_arg = NULL;
+ /* set client Hello login callback */
+ ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
+ /* set SRP N/g param callback for verification */
+ ctx->srp_ctx.SRP_verify_param_callback = NULL;
+ /* set SRP client passwd callback */
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+ ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
+
+ ctx->srp_ctx.N = NULL;
+ ctx->srp_ctx.g = NULL;
+ ctx->srp_ctx.s = NULL;
+ ctx->srp_ctx.B = NULL;
+ ctx->srp_ctx.A = NULL;
+ ctx->srp_ctx.a = NULL;
+ ctx->srp_ctx.b = NULL;
+ ctx->srp_ctx.v = NULL;
+ ctx->srp_ctx.login = NULL;
+ ctx->srp_ctx.srp_Mask = 0;
+ ctx->srp_ctx.info = NULL;
+ ctx->srp_ctx.strength = SRP_MINIMAL_N;
+
+ return (1);
+ }
+
+/* server side */
+int SSL_srp_server_param_with_username(SSL *s, int *ad)
+ {
+ unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
+ int al;
+
+ *ad = SSL_AD_UNKNOWN_SRP_USERNAME;
+ if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) &&
+ ((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, s->srp_ctx.SRP_cb_arg))!=SSL_ERROR_NONE))
+ return al;
+
+ *ad = SSL_AD_INTERNAL_ERROR;
+ if ((s->srp_ctx.N == NULL) ||
+ (s->srp_ctx.g == NULL) ||
+ (s->srp_ctx.s == NULL) ||
+ (s->srp_ctx.v == NULL))
+ return SSL3_AL_FATAL;
+
+ RAND_bytes(b, sizeof(b));
+ s->srp_ctx.b = BN_bin2bn(b,sizeof(b),NULL);
+ OPENSSL_cleanse(b,sizeof(b));
+
+ /* Calculate: B = (kv + g^b) % N */
+
+ return ((s->srp_ctx.B = SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g, s->srp_ctx.v)) != NULL)?
+ SSL_ERROR_NONE:SSL3_AL_FATAL;
+ }
+
+/* If the server just has the raw password, make up a verifier entry on the fly */
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp)
+ {
+ SRP_gN *GN = SRP_get_default_gN(grp);
+ if(GN == NULL) return -1;
+ s->srp_ctx.N = BN_dup(GN->N);
+ s->srp_ctx.g = BN_dup(GN->g);
+ if(s->srp_ctx.v != NULL)
+ {
+ BN_clear_free(s->srp_ctx.v);
+ s->srp_ctx.v = NULL;
+ }
+ if(s->srp_ctx.s != NULL)
+ {
+ BN_clear_free(s->srp_ctx.s);
+ s->srp_ctx.s = NULL;
+ }
+ if(!SRP_create_verifier_BN(user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g)) return -1;
+
+ return 1;
+ }
+
+int SSL_set_srp_server_param(SSL *s,BIGNUM *N,BIGNUM *g,BIGNUM *sa,BIGNUM *v,char *info)
+ {
+ if (N!= NULL)
+ {
+ if (s->srp_ctx.N != NULL)
+ {
+ if (!BN_copy(s->srp_ctx.N,N))
+ {
+ BN_free(s->srp_ctx.N);
+ s->srp_ctx.N = NULL;
+ }
+ }
+ else
+ s->srp_ctx.N = BN_dup(N);
+ }
+ if (g!= NULL)
+ {
+ if (s->srp_ctx.g != NULL)
+ {
+ if (!BN_copy(s->srp_ctx.g,g))
+ {
+ BN_free(s->srp_ctx.g);
+ s->srp_ctx.g = NULL;
+ }
+ }
+ else
+ s->srp_ctx.g = BN_dup(g);
+ }
+ if (sa!= NULL)
+ {
+ if (s->srp_ctx.s != NULL)
+ {
+ if (!BN_copy(s->srp_ctx.s,sa))
+ {
+ BN_free(s->srp_ctx.s);
+ s->srp_ctx.s = NULL;
+ }
+ }
+ else
+ s->srp_ctx.s = BN_dup(sa);
+ }
+ if (v!= NULL)
+ {
+ if (s->srp_ctx.v != NULL)
+ {
+ if (!BN_copy(s->srp_ctx.v,v))
+ {
+ BN_free(s->srp_ctx.v);
+ s->srp_ctx.v = NULL;
+ }
+ }
+ else
+ s->srp_ctx.v = BN_dup(v);
+ }
+ s->srp_ctx.info = info;
+
+ if (!(s->srp_ctx.N) ||
+ !(s->srp_ctx.g) ||
+ !(s->srp_ctx.s) ||
+ !(s->srp_ctx.v))
+ return -1;
+
+ return 1;
+ }
+
+int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key)
+ {
+ BIGNUM *K = NULL, *u = NULL;
+ int ret = -1, tmp_len;
+ unsigned char *tmp = NULL;
+
+ if (!SRP_Verify_A_mod_N(s->srp_ctx.A,s->srp_ctx.N))
+ goto err;
+ if (!(u = SRP_Calc_u(s->srp_ctx.A,s->srp_ctx.B,s->srp_ctx.N)))
+ goto err;
+ if (!(K = SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b, s->srp_ctx.N)))
+ goto err;
+
+ tmp_len = BN_num_bytes(K);
+ if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
+ goto err;
+ BN_bn2bin(K, tmp);
+ ret = s->method->ssl3_enc->generate_master_secret(s,master_key,tmp,tmp_len);
+err:
+ if (tmp)
+ {
+ OPENSSL_cleanse(tmp,tmp_len) ;
+ OPENSSL_free(tmp);
+ }
+ BN_clear_free(K);
+ BN_clear_free(u);
+ return ret;
+ }
+
+/* client side */
+int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key)
+ {
+ BIGNUM *x = NULL, *u = NULL, *K = NULL;
+ int ret = -1, tmp_len;
+ char *passwd = NULL;
+ unsigned char *tmp = NULL;
+
+ /* Checks if b % n == 0
+ */
+ if (SRP_Verify_B_mod_N(s->srp_ctx.B,s->srp_ctx.N)==0) goto err;
+ if (!(u = SRP_Calc_u(s->srp_ctx.A,s->srp_ctx.B,s->srp_ctx.N))) goto err;
+ if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) goto err;
+ if (!(passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(s, s->srp_ctx.SRP_cb_arg))) goto err;
+ if (!(x = SRP_Calc_x(s->srp_ctx.s,s->srp_ctx.login,passwd))) goto err;
+ if (!(K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x, s->srp_ctx.a, u))) goto err;
+
+ tmp_len = BN_num_bytes(K);
+ if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) goto err;
+ BN_bn2bin(K, tmp);
+ ret = s->method->ssl3_enc->generate_master_secret(s,master_key,tmp,tmp_len);
+err:
+ if (tmp)
+ {
+ OPENSSL_cleanse(tmp,tmp_len) ;
+ OPENSSL_free(tmp);
+ }
+ BN_clear_free(K);
+ BN_clear_free(x);
+ if (passwd)
+ {
+ OPENSSL_cleanse(passwd,strlen(passwd)) ;
+ OPENSSL_free(passwd);
+ }
+ BN_clear_free(u);
+ return ret;
+ }
+
+int SRP_Calc_A_param(SSL *s)
+ {
+ unsigned char rand[SSL_MAX_MASTER_KEY_LENGTH];
+
+ if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength)
+ return -1;
+
+ if (s->srp_ctx.SRP_verify_param_callback ==NULL &&
+ !SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N))
+ return -1 ;
+
+ RAND_bytes(rand, sizeof(rand));
+ s->srp_ctx.a = BN_bin2bn(rand,sizeof(rand), s->srp_ctx.a);
+ OPENSSL_cleanse(rand,sizeof(rand));
+
+ if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g)))
+ return -1;
+
+ /* We can have a callback to verify SRP param!! */
+ if (s->srp_ctx.SRP_verify_param_callback !=NULL)
+ return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg);
+
+ return 1;
+ }
+
+int SRP_have_to_put_srp_username(SSL *s)
+ {
+ if (s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback == NULL)
+ return 0;
+ if ((s->srp_ctx.login = s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback(s,s->srp_ctx.SRP_cb_arg)) == NULL)
+ return 0;
+ s->srp_ctx.srp_Mask|=SSL_kSRP;
+ return 1;
+ }
+
+BIGNUM *SSL_get_srp_g(SSL *s)
+ {
+ if (s->srp_ctx.g != NULL)
+ return s->srp_ctx.g;
+ return s->ctx->srp_ctx.g;
+ }
+
+BIGNUM *SSL_get_srp_N(SSL *s)
+ {
+ if (s->srp_ctx.N != NULL)
+ return s->srp_ctx.N;
+ return s->ctx->srp_ctx.N;
+ }
+
+char *SSL_get_srp_username(SSL *s)
+ {
+ if (s->srp_ctx.login != NULL)
+ return s->srp_ctx.login;
+ return s->ctx->srp_ctx.login;
+ }
+
+char *SSL_get_srp_userinfo(SSL *s)
+ {
+ if (s->srp_ctx.info != NULL)
+ return s->srp_ctx.info;
+ return s->ctx->srp_ctx.info;
+ }
+
+#define tls1_ctx_ctrl ssl3_ctx_ctrl
+#define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl
+
+int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name)
+ {
+ return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_USERNAME,0,name);
+ }
+
+int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password)
+ {
+ return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD,0,password);
+ }
+
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
+ {
+ return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH,strength,NULL);
+ }
+
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *,void *))
+ {
+ return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,(void (*)())cb);
+ }
+
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg)
+ {
+ return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_SRP_ARG,0,arg);
+ }
+
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, int (*cb)(SSL *,int *,void *))
+ {
+ return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,(void (*)())cb);
+ }
+
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *))
+ {
+ return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,(void (*)())cb);
+ }
+
+int SSL_CTX_set_srp_missing_srp_username_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *))
+ {
+ return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB,(void (*)())cb);
+ }
+#endif
diff -ruN openssl-SNAP-20091218-orig/test/Makefile openssl-SNAP-20091218-srp/test/Makefile
--- openssl-SNAP-20091218-orig/test/Makefile 2009-10-18 15:00:36.000000000 +0000
+++ openssl-SNAP-20091218-srp/test/Makefile 2009-12-18 20:33:30.000000000 +0000
@@ -61,6 +61,7 @@
EVPTEST= evp_test
IGETEST= igetest
JPAKETEST= jpaketest
+SRPTEST= srptest

TESTS= alltests

@@ -71,7 +72,7 @@
$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
- $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT)
+ $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT)

# $(METHTEST)$(EXE_EXT)

@@ -91,7 +92,7 @@
$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
$(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
- $(EVPTEST).c $(IGETEST).c $(JPAKETEST).c
+ $(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c

EXHEADER=
HEADER= $(EXHEADER)
@@ -134,7 +135,7 @@
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
- test_jpake test_cms
+ test_jpake test_srp test_cms

test_evp:
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
@@ -308,6 +309,10 @@
@echo "CMS consistency test"
$(PERL) cms-test.pl

+test_srp: $(SRPTEST)$(EXE_EXT)
+ @echo "Test SRP"
+ ../util/shlib_wrap.sh ./srptest
+
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff

@@ -441,6 +446,9 @@
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
@target=$(JPAKETEST); $(BUILD_CMD)

+$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+ @target=$(SRPTEST); $(BUILD_CMD)
+
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c

diff -ruN openssl-SNAP-20091218-orig/test/testssl openssl-SNAP-20091218-srp/test/testssl
--- openssl-SNAP-20091218-orig/test/testssl 2006-03-11 00:00:52.000000000 +0000
+++ openssl-SNAP-20091218-srp/test/testssl 2009-12-18 20:33:31.000000000 +0000
@@ -148,4 +148,14 @@
echo test tls1 with PSK via BIO pair
$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1

+if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
+ echo skipping SRP tests
+else
+ echo test tls1 with SRP
+ $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
+
+ echo test tls1 with SRP via BIO pair
+ $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
+fi
+
exit 0
diff -ruN openssl-SNAP-20091218-orig/util/libeay.num openssl-SNAP-20091218-srp/util/libeay.num
--- openssl-SNAP-20091218-orig/util/libeay.num 2009-11-09 15:00:29.000000000 +0000
+++ openssl-SNAP-20091218-srp/util/libeay.num 2009-12-18 20:35:24.000000000 +0000
@@ -4170,3 +4170,19 @@
X509_STORE_CTX_get0_current_crl 4545 EXIST::FUNCTION:
X509_STORE_CTX_get0_parent_ctx 4546 EXIST::FUNCTION:
X509_STORE_CTX_get0_current_issuer 4547 EXIST::FUNCTION:
+SRP_VBASE_get_by_user 4548 EXIST::FUNCTION:SRP
+SRP_Calc_server_key 4549 EXIST::FUNCTION:SRP
+SRP_create_verifier 4550 EXIST::FUNCTION:SRP
+SRP_create_verifier_BN 4551 EXIST::FUNCTION:SRP
+SRP_Calc_u 4552 EXIST::FUNCTION:SRP
+SRP_VBASE_free 4553 EXIST::FUNCTION:SRP
+SRP_Calc_client_key 4554 EXIST::FUNCTION:SRP
+SRP_get_default_gN 4555 EXIST::FUNCTION:SRP
+SRP_Calc_x 4556 EXIST::FUNCTION:SRP
+SRP_Calc_B 4557 EXIST::FUNCTION:SRP
+SRP_VBASE_new 4558 EXIST::FUNCTION:SRP
+SRP_check_known_gN_param 4559 EXIST::FUNCTION:SRP
+SRP_Calc_A 4560 EXIST::FUNCTION:SRP
+SRP_Verify_A_mod_N 4561 EXIST::FUNCTION:SRP
+SRP_VBASE_init 4562 EXIST::FUNCTION:SRP
+SRP_Verify_B_mod_N 4563 EXIST::FUNCTION:SRP
diff -ruN openssl-SNAP-20091218-orig/util/mk1mf.pl openssl-SNAP-20091218-srp/util/mk1mf.pl
--- openssl-SNAP-20091218-orig/util/mk1mf.pl 2009-09-20 13:00:24.000000000 +0000
+++ openssl-SNAP-20091218-srp/util/mk1mf.pl 2009-12-18 20:33:31.000000000 +0000
@@ -103,6 +103,7 @@
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
no-krb5 - No KRB5
+ no-srp - No SRP
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
@@ -260,6 +261,7 @@
$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
@@ -764,6 +766,8 @@
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;

+ @a=grep(!/(srp)/,@a) if $no_srp;
+
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@@ -1039,6 +1043,7 @@
"no-ssl2" => \$no_ssl2,
"no-ssl3" => \$no_ssl3,
"no-tlsext" => \$no_tlsext,
+ "no-srp" => \$no_srp,
"no-cms" => \$no_cms,
"no-jpake" => \$no_jpake,
"no-err" => \$no_err,
@@ -1053,7 +1058,7 @@
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia, \$no_seed],
+ \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
diff -ruN openssl-SNAP-20091218-orig/util/mkdef.pl openssl-SNAP-20091218-srp/util/mkdef.pl
--- openssl-SNAP-20091218-orig/util/mkdef.pl 2009-05-15 17:00:46.000000000 +0000
+++ openssl-SNAP-20091218-srp/util/mkdef.pl 2009-12-18 20:33:31.000000000 +0000
@@ -98,7 +98,7 @@
# RFC3779
"RFC3779",
# TLS
- "TLSEXT", "PSK",
+ "TLSEXT", "PSK", "SRP",
# CMS
"CMS",
# CryptoAPI Engine
@@ -127,7 +127,7 @@
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake; my $no_ssl2;
+my $no_jpake; my $no_srp; my $no_ssl2;

my $zlib;

@@ -218,6 +218,7 @@
elsif (/^no-ssl2$/) { $no_ssl2=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
+ elsif (/^no-srp$/) { $no_srp=1; }
}

@@ -316,6 +317,7 @@
$crypto.=" crypto/pqueue/pqueue.h";
$crypto.=" crypto/cms/cms.h";
$crypto.=" crypto/jpake/jpake.h";
+$crypto.=" crypto/srp/srp.h";

my $symhacks="crypto/symhacks.h";

@@ -1166,6 +1168,7 @@
if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+ if ($keyword eq "SRP" && $no_srp) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }

# Nothing recognise as true
diff -ruN openssl-SNAP-20091218-orig/util/mkfiles.pl openssl-SNAP-20091218-srp/util/mkfiles.pl
--- openssl-SNAP-20091218-orig/util/mkfiles.pl 2008-12-23 16:00:22.000000000 +0000
+++ openssl-SNAP-20091218-srp/util/mkfiles.pl 2009-12-18 20:33:31.000000000 +0000
@@ -62,6 +62,7 @@
"crypto/pqueue",
"crypto/whrlpool",
"crypto/ts",
+"crypto/srp",
"ssl",
"apps",
"engines",
diff -ruN openssl-SNAP-20091218-orig/util/ssleay.num openssl-SNAP-20091218-srp/util/ssleay.num
--- openssl-SNAP-20091218-orig/util/ssleay.num 2009-07-08 10:00:24.000000000 +0000
+++ openssl-SNAP-20091218-srp/util/ssleay.num 2009-12-18 20:33:31.000000000 +0000
@@ -259,3 +259,17 @@
SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION:
SSL_set1_param 309 EXIST::FUNCTION:
SSL_CTX_set1_param 310 EXIST::FUNCTION:
+SSL_CTX_set_srp_client_pwd_callback 311 EXIST::FUNCTION:SRP,TLSEXT
+SSL_get_srp_g 312 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_username_callback 313 EXIST::FUNCTION:SRP,TLSEXT
+SSL_get_srp_userinfo 314 EXIST::FUNCTION:SRP,TLSEXT
+SSL_set_srp_server_param 315 EXIST::FUNCTION:SRP,TLSEXT
+SSL_set_srp_server_param_pw 316 EXIST::FUNCTION:SRP,TLSEXT
+SSL_get_srp_N 317 EXIST::FUNCTION:SRP,TLSEXT
+SSL_get_srp_username 318 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_password 319 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_strength 320 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_verify_param_callback 321 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_missing_srp_username_callback 322 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_cb_arg 323 EXIST::FUNCTION:SRP,TLSEXT
+SSL_CTX_set_srp_username 324 EXIST::FUNCTION:SRP,TLSEXT

[openssl.org #2129] bug: OpenSSL 1.0.0-beta4 multiple declarations of SMIME_crlf_copy() and SMIME_text(), (asn1.h and pkcs7.h)

2009-12-18T04:17:51Z

In OpenSSL 1.0.0-beta4, SMIME_crlf_copy() and SMIME_text() are declared in two places: asn1.h and pkcs7.h.

The declarations in pkcs7.h appear to be redundant, (and can cause warnings/errors depending on compiler config), because that header file already includes asn1.h.

Regards,
John Fitzgibbon

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

openssl-1.0.0-stable-SNAP-20091218

2009-12-17T22:42:43Z

This is flaky and inconsistent.

openssl-1.0.0-stable-SNAP-20091217 works better.

--
Member - Liberal International This is doctor@... Ici doctor@...
God, Queen and country! Never Satan President Republic! Beware AntiChrist rising!
http://twitter.com/rootnl2k http://www.myspace.com/502748630
Merry Christmas 2009 and Happy New Year 2010
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: FIPS capable with cryptodev/padlock bug or feature?

2009-12-17T08:42:09Z

On Wed, Dec 16, 2009, Peter Fry wrote:

> I recently discovered that openssl doesn't use cryptodev or padlock
> when compiled with the fips option (even though the engine was set..
> i.e.: oepnssl speed -evp aes-128-cbc -engine padlock). It seems to me
> that the engines should be used unless FIPS mode has been set. What's
> the intended behavior here?
>

Ooops, there's a bug in the initialisation code. FIPS builds use different
code to avoid having to drag in large dependencies in the validated module.

This should fix it:

http://cvs.openssl.org/chngview?cn=18992

This change is outside the validated module so it is usable with the 1.2
validation.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2127] Missing checks for unavailable algorithms in EVP_PBE_CipherInit

2009-12-17T07:30:47Z

Fix applied, thanks for the report.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: FIPS capable with cryptodev/padlock bug or feature?

2009-12-16T10:35:26Z

Peter Fry wrote:
> I recently discovered that openssl doesn't use cryptodev or padlock
> when compiled with the fips option (even though the engine was set..
> i.e.: oepnssl speed -evp aes-128-cbc -engine padlock). It seems to me
> that the engines should be used unless FIPS mode has been set. What's
> the intended behavior here?

This was answered (indirectly) in the past few months; the fips build
is growing to include non-fips features (optimized/assembly code, etc)
but at this time you are looking at an artifact of bygone days when the
fips build was fips-only.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: [openssl.org #2128] PKCS12_PBE_add is a noop but maybe it should add the algorithms?

2009-12-16T04:52:40Z

On Wed, Dec 16, 2009, tushar ganguli wrote:

> Hi,
> I wanted to know where in the openssl source code is the subject key
> identifier being generated.
> Is it only the SHA1 hash (160) as mentioned in RFC3280 (4.2.1.2)?
>

Don't post off-topic user queries to openssl-dev.

It does use SHA1 and the code is in crypto/x509v3/v3_skey.c

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: [openssl.org #2128] PKCS12_PBE_add is a noop but maybe it should add the algorithms?

2009-12-16T03:15:20Z

Hi,
I wanted to know where in the openssl source code is the subject key identifier being generated.
Is it only the SHA1 hash (160) as mentioned in RFC3280 (4.2.1.2)?

Regards,
Tushar

FIPS capable with cryptodev/padlock bug or feature?

2009-12-15T22:35:46Z

I recently discovered that openssl doesn't use cryptodev or padlock
when compiled with the fips option (even though the engine was set..
i.e.: oepnssl speed -evp aes-128-cbc -engine padlock). It seems to me
that the engines should be used unless FIPS mode has been set. What's
the intended behavior here?

Thanks,
Peter
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2128] PKCS12_PBE_add is a noop but maybe it should add the algorithms?

2009-12-15T00:18:37Z

If you call just SSL_library_init() and PKCS12_PBE_add some pkcs12 files
will not be loadable and moreover the openssl will crash due to missing
checks for ciphers not found. I've reported the crash in a separate
report. Perhaps the PKCS12_PBE_add should add the algorithms which are
not added in the SSL_library_init() call but which are used in the
static PBE algorithms table?
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2127] Missing checks for unavailable algorithms in EVP_PBE_CipherInit

2009-12-15T00:18:18Z

In the function EVP_PBE_CipherInit there are missing checks for
unavailable algorithms (such as when they are not compiled in or when
OpenSSL_add_all_algorithms() is not called).

The attached patch adds the checks although probably new error codes
should be added for these failures.

--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb

diff -up openssl-1.0.0-beta4/crypto/evp/evp_pbe.c.no-cipher openssl-1.0.0-beta4/crypto/evp/evp_pbe.c
--- openssl-1.0.0-beta4/crypto/evp/evp_pbe.c.no-cipher 2008-11-05 19:38:57.000000000 +0100
+++ openssl-1.0.0-beta4/crypto/evp/evp_pbe.c 2009-12-14 22:54:27.000000000 +0100
@@ -174,12 +174,20 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_
if (cipher_nid == -1)
cipher = NULL;
else
- cipher = EVP_get_cipherbynid(cipher_nid);
+ if ((cipher = EVP_get_cipherbynid(cipher_nid)) == NULL)
+ {
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
+ return 0;
+ }

if (md_nid == -1)
md = NULL;
else
- md = EVP_get_digestbynid(md_nid);
+ if ((md = EVP_get_digestbynid(md_nid)) == NULL)
+ {
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
+ return 0;
+ }

if (!keygen(ctx, pass, passlen, param, cipher, md, en_de))
{

RE: strange error, i cannot find any documentation: raw RSA

2009-12-14T16:03:12Z

> From: owner-openssl-dev@... On Behalf Of Luca Costantino
> Sent: Saturday, 12 December, 2009 17:14

> i'm having some troubles with this (simple) code...
>
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
> #include
>

I assume those are actually #include <header> and just got
stripped by some HTML or pseudo-HTML (or XML) mailing process.

> #define PUB_KEY "../chiave/pubkey.pem"
> #define PRIV_KEY "../chiave/keynopwd.pem"
>
> int cifra_messaggio(char* messaggio_in_chiaro, char*
> messaggio_cifrato) {
> FILE* fdpub = fopen(PUB_KEY, "r");
> RSA* chiave_pubblica = RSA_new();
> PEM_read_RSA_PUBKEY(fdpub, &chiave_pubblica, NULL, NULL);
> messaggio_cifrato = malloc(RSA_size(chiave_pubblica));
>

This sets the pointer *in cifra_ only* see below.

> printf("Info:\tPubkey successfully loaded\n");
> printf("Info:\tMessage length is %d byte\n",
> strlen(messaggio_in_chiaro));
>
> int n_byte_cifrati =
> RSA_public_encrypt(strlen(messaggio_in_chiaro) +
> 1, messaggio_in_chiaro, messaggio_cifrato, chiave_pubblica,
> RSA_PKCS1_OAEP_PADDING);
> if(n_byte_cifrati == 0 || n_byte_cifrati == -1) {
> printf("Err :\tUnable to encrypt\n");

Here you ought to display the error(stack) in the same way
you do below in decifra_ .

> errore_non_recuperabile();
> exit(-1);
> }
>
> printf("Info:\tText successfully encrypted\n");
> printf("Info:\t%d byte encrypted\n", n_byte_cifrati);
> RSA_free(chiave_pubblica);
> fclose(fdpub);
>
> return n_byte_cifrati;
> }
>
> int decifra_messaggio(char* messaggio_cifrato, char*
> messaggio_decifrato) {
> FILE* fdpriv = fopen(PRIV_KEY, "r");
> RSA* chiave_privata;
>
> chiave_privata = PEM_read_RSAPrivateKey(fdpriv, NULL,
> NULL, NULL);

In cifra_ you preallocated pubkey and used the second argument;
here you let OpenSSL allocate and use the return value.
Both are legal, but it's confusing to be inconsistent.

> messaggio_decifrato = malloc(RSA_size(chiave_privata));
>

This sets the pointer *in decifra_ only* see below.

> printf("Info:\tPrivkey successfully loaded\n");
>
> int n_byte_decifrati = RSA_private_decrypt(512,
> messaggio_cifrato,
> messaggio_decifrato, chiave_privata, RSA_PKCS1_OAEP_PADDING);

Even if _cifrato were valid (see below), 512 is the correct length
only for a 4Kbit key. Which is possible but rare. cifra_ should
return both the pointer and count, the caller (main) should save
both and pass both in to decifra_ which should use them.

> if(n_byte_decifrati == 0 || n_byte_decifrati == -1) {
> printf("Err :\tUnable to decrypt\n");
>
> char* errore = malloc(1024);
> bzero(errore, 1024);
> printf("%s\n",
> ERR_error_string(ERR_get_error(), errore));
>

Minor points: no need to use malloc() here, much less bzero();
just declare a local array. There can be more than one item
in the error stack; best to loop until ERR_get_error() returns
zero, which requires you put it (temporarily) in a variable.
If you just want output to a file, as here (stdout),
ERR_print_errors_fp is easier to use. See below about strings.

> errore_non_recuperabile();
> exit(-1);
>
> }
>
> printf("Info:\tText successfully decripted\n");
>
> RSA_free(chiave_privata);
> fclose(fdpriv);
>
> return n_byte_decifrati;
> }
>
> int main(int argc, char* argv[]) {
> char* messaggio = "Questo è un messaggio di prova lungo qualche
> decina di caratteri...";
> char* cifrato;
> char* decifrato;
>

Only the first pointer is initialized here; the others are garbage
(and are NOT set by the calls below).

> cifra_messaggio(messaggio, cifrato);

This does the encryption, but throws away (leaks) the pointer
to malloc'ed storage, and also the length.

> decifra_messaggio(cifrato, decifrato);
>
This attempts to decrypt some random memory, and in the very
unlikely case it succeeds, throws away (leaks) the result.

> printf("Plaintext\t%s\n", messaggio);
> printf("Cyphertext\t%s\n", decifrato);
>
Once the other bugs are fixed that label is misleading: the
result of deciphering is plaintext again, not ciphertext.
(And if you do want to display 'cifrato', printf %s won't
come even close; it's not printable nor null-terminated.)

> if(strncmp(messaggio, decifrato, 512) != 0) {
> printf("Info:\tMessages are different\n");
> errore_non_recuperabile();
> exit(-1);
> }
>
> printf("Info:\tMessages are equal\n");
>
> return 1;
> }
>

Aside: Unix programs conventionally exit with 0 for success,
and a value >0 (not negative) for error.

> i got this error
>
> error:0407A079:lib(4):func(122):reason(121)
>
> and i'm not able to understand why...
>
1) You got the error because of the bugs above.

2) You got an unhelpful *display* of the error because you
didn't load errorstrings before using ERR_error_string .
Easiest is to call ERR_load_crypto_strings() at startup.
There are other possibilities for very constrained systems.

3) Having gotten the unhelpful display, you can decode it
with the commandline utility 'errstr'; in this case:
>openssl errstr 0407A079
error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error

4) 2 and 3 are FAQs: http://www.openssl.org/support/faq.html#PROG7

Also, in general you should always check the return values
from fopen(), malloc(), *_new and other allocating routines
e.g. PEM_read*(,NULL...) for null before using them.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Version 2 Key Signature on 0.9.8l

2009-12-14T08:33:04Z

It appears there is a version 2 pgp key which signs the latest openssl archive.

Version 2 isn't mentioned in the OpenPGP message format RFC. http://tools.ietf.org/html/rfc4880 section 5.5.2

This problem is unique to Ben Laurie's key as others are V3 or later.

Ancillary information: I ran into this issue when using Conary's key verification:
https://issues.rpath.com/browse/CNY-3308

Thanks,
Adam
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2126] Bug: Can't Connect via TLS through PHP v5.3.0/OpenSSL v0.9.8l

2009-12-13T15:14:16Z

> [pablo.livardo@... - Wed Dec 09 20:12:24 2009]:
>
>
> However, I found that if I entered this command into OpenSSL:
>
> openssl s_client -starttls smtp -connect server.domain.com:587 -tls1
>
> It worked and returned a collection of certificate information. I get the
> impression that TLS can start unencrypted and then switch it up but is
this
> the real source of my problem, a lack of support in PHP for this
> functionality? (See this post that gave me a clue --
> http://forums.devnetwork.net/viewtopic.php?f=52&t=96525#p531211)
>
> I'm no TLS/SSL expert so apologies if my terminology is wrong, I'm simply
> trying to understand why my script isn't working.
>

No it's more that SMTP (and several other protocols) can start
unencrypted and then become encrypted over TLS.

You typically have to send an appropriate command or commands to the
server and after receiving an appropriate response switch over to TLS.
For SMTP it is the STARTTLS command.

The initial commands, response checking and switch over have to be part
of the application itself. I'm not familiar with PHP and the OpenSSL
language bindings so not sure how you'd do that.

In any case this isn't a bug and shouldn't be sent to the bug tracker.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

strange error, i cannot find any documentation

2009-12-12T14:14:22Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi there

that's my first message, welcome to me :)

i'm having some troubles with this (simple) code...

#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

#define PUB_KEY "../chiave/pubkey.pem"
#define PRIV_KEY "../chiave/keynopwd.pem"

int cifra_messaggio(char* messaggio_in_chiaro, char* messaggio_cifrato) {
FILE* fdpub = fopen(PUB_KEY, "r");
RSA* chiave_pubblica = RSA_new();
PEM_read_RSA_PUBKEY(fdpub, &chiave_pubblica, NULL, NULL);
messaggio_cifrato = malloc(RSA_size(chiave_pubblica));

printf("Info:\tPubkey successfully loaded\n");
printf("Info:\tMessage length is %d byte\n", strlen(messaggio_in_chiaro));

int n_byte_cifrati = RSA_public_encrypt(strlen(messaggio_in_chiaro) +
1, messaggio_in_chiaro, messaggio_cifrato, chiave_pubblica,
RSA_PKCS1_OAEP_PADDING);
if(n_byte_cifrati == 0 || n_byte_cifrati == -1) {
printf("Err :\tUnable to encrypt\n");
errore_non_recuperabile();
exit(-1);
}

printf("Info:\tText successfully encrypted\n");
printf("Info:\t%d byte encrypted\n", n_byte_cifrati);
RSA_free(chiave_pubblica);
fclose(fdpub);

return n_byte_cifrati;
}

int decifra_messaggio(char* messaggio_cifrato, char* messaggio_decifrato) {
FILE* fdpriv = fopen(PRIV_KEY, "r");
RSA* chiave_privata;

chiave_privata = PEM_read_RSAPrivateKey(fdpriv, NULL, NULL, NULL);
messaggio_decifrato = malloc(RSA_size(chiave_privata));

printf("Info:\tPrivkey successfully loaded\n");

int n_byte_decifrati = RSA_private_decrypt(512, messaggio_cifrato,
messaggio_decifrato, chiave_privata, RSA_PKCS1_OAEP_PADDING);
if(n_byte_decifrati == 0 || n_byte_decifrati == -1) {
printf("Err :\tUnable to decrypt\n");

char* errore = malloc(1024);
bzero(errore, 1024);
printf("%s\n", ERR_error_string(ERR_get_error(), errore));

errore_non_recuperabile();
exit(-1);

}

printf("Info:\tText successfully decripted\n");

RSA_free(chiave_privata);
fclose(fdpriv);

return n_byte_decifrati;
}

int main(int argc, char* argv[]) {
char* messaggio = "Questo è un messaggio di prova lungo qualche
decina di caratteri...";
char* cifrato;
char* decifrato;

cifra_messaggio(messaggio, cifrato);
decifra_messaggio(cifrato, decifrato);

printf("Plaintext\t%s\n", messaggio);
printf("Cyphertext\t%s\n", decifrato);

if(strncmp(messaggio, decifrato, 512) != 0) {
printf("Info:\tMessages are different\n");
errore_non_recuperabile();
exit(-1);
}

printf("Info:\tMessages are equal\n");

return 1;
}

i got this error

error:0407A079:lib(4):func(122):reason(121)

and i'm not able to understand why...

someone can help?

regards
luca
- --
Chiave pubblica http://luca.costantino.googlepages.com/luca.costantino.asc

Prima di tutto vennero a prendere gli zingari e fui contento, perché
rubacchiavano.
Poi vennero a prendere gli ebrei e stetti zitto, perché mi stavano antipatici.
Poi vennero a prendere gli omosessuali, e fui sollevato, perché mi
erano fastidiosi.
Poi vennero a prendere i comunisti, e io non dissi niente, perché non
ero comunista.
Un giorno vennero a prendere me, e non c’era rimasto nessuno a protestare.
(Bertolt Brecht)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.10)

iQEcBAEBAgAGBQJLJBW8AAoJEFl9TsCPYHUhs64H/0u+f1cdT+sw/5YS+mxYdxaR
kqy34ULTeN5H5eC2UJmNX9nb2b9lKGbDfzb7xHB8iiMt79t3JvqVZQN4hOjGstcq
q6Na6ie8jj5MstaoRhM/kIaLye24ZTzN2CGPW0C3aN89aSGMeA7pkuaa1kiYBqus
xJurV/eNSr5qNyIQ985DRFTRWQyddi+j0MzoSECOqxwn12psTs26QPvrtoBgWghS
I6oSYFN2BMw/cCy33eEl9kWi7J5gGAmO/6SqEanpNRLAJMJn530RqKQypSjiM5OY
2Kt2UldYcgC6lYA7P1xFFtQPrq+O2Lnk6XBECL1dYxH+dFzDwRA8Do6CoW2IVYs=
=tnCI
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Null pointer dereference in crypto/dsa/dsa_asn1.c

2009-12-11T09:45:15Z

In this code (dsa_asn1.c):

71 static int sig_cb(int operation, ASN1_VALUE **pval, const
ASN1_ITEM *it)
72 {
73 if(operation == ASN1_OP_NEW_PRE) {
74 DSA_SIG *sig;
75 sig = OPENSSL_malloc(sizeof(DSA_SIG));
76 sig->r = NULL;
77 sig->s = NULL;
78 *pval = (ASN1_VALUE *)sig;
79 if(sig) return 2;
80 DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
81 return 0;
82 }
83 return 1;
84 }

At line 79, we check if sig is null (which means we believe it's
plausibly null), but a few lines back, we dereferenced that pointer.

(FTR, this defect was found by Coverity Prevent.)

Michael
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: [openssl.org #2105] Please reconsider the client side of the CVE-2009-3555 fix in 1.0.0

2009-12-11T06:27:05Z

On Fri, 2009-12-11 at 14:14 +0100, Stephen Henson via RT wrote:
> The problem of adding fields to SSL_CTX and SSL has been mentioned by a
> number of people before. How bad is that in practice? SSL_CTX and SSL
> structures are both allocated dynamically so the size change wont
> matter. The only remaining case is applications that access the fields
> directly instead of using APIs.
>
> We should and will make the SSL and SSL_CTX structures opaque at some
> point but not during a beta release cycle ;-)

As for the ABI breakage I think it would be minimal if the additional
fields were added to the end of the struct. I do not expect that offsets
of the other fields would change on any reasonable C ABIs. As the
structures should never be allocated directly by the application I think
this breakage could be tolerated in beta.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2105] Please reconsider the client side of the CVE-2009-3555 fix in 1.0.0

2009-12-11T05:14:16Z

> [tmraz@... - Wed Nov 18 09:58:08 2009]:
>
> The TLS client in openssl-1.0.0 branch aborts the connection if
> SSL_OP_ALLOW_UNSAFE_RENEGOTIATION (or SSL_OP_ALL) flag is not set by the
> calling application and the connected server does not return the
> extension in the server hello message. Unfortunately too many
> applications do not set SSL_OP_ALL which makes them incompatible with
> currently virtually every server as the renegotiation extension
> supporting servers are not deployed yet. I propose adding a new flag for
> the client which would explicitely disable connection to unsafe servers
> and to allow this connection by default. For now in Fedora I am forced
> to just disable the client side check.
>
> See also: https://bugzilla.redhat.com/show_bug.cgi?id=537962
>

Yes we should definitely allow connections (at least in the immediate
future) to unpatched servers.

We'd need two options for this: one for just clients connections and one
to permit legacy renegotiation in general.

That does however hit a snag in that OpenSSL 1.0.0 is pretty much out of
options fields, and we'll need more in future to support TLS v1.1 for
example.

We should ideally update the options field so it is split up into
several pieces but that might cause binary compatibility problems, not
an ideal thing to do during a beta release :-(

The problem of adding fields to SSL_CTX and SSL has been mentioned by a
number of people before. How bad is that in practice? SSL_CTX and SSL
structures are both allocated dynamically so the size change wont
matter. The only remaining case is applications that access the fields
directly instead of using APIs.

We should and will make the SSL and SSL_CTX structures opaque at some
point but not during a beta release cycle ;-)

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

cryptoki (Cryptographic Token Interface) patch for OpenSSL 0.9.8k

2009-12-11T02:51:28Z

Hi ALL,

I am new to OpenSSL. I am trying to support cryptoki support for OpenSSL. I have gone through the
Source code of OpenSSL 0.9.8k and have found that it does not have pkcs11 support .

Any one can please direct me to the pkcs11 patch for openssl 0.9.8k?

Thanks in advance
Samuel

Re: [CVS] OpenSSL: openssl/doc/ssl/ SSL_CTX_set_options.pod

2009-12-11T02:27:32Z

On 09.12.2009 19:16, Dr. Stephen Henson wrote:

> OpenSSL CVS Repository
> http://cvs.openssl.org/
> ____________________________________________________________________________
>
> Server: cvs.openssl.org Name: Dr. Stephen Henson
> Root: /v/openssl/cvs Email: steve@...
> Module: openssl Date: 09-Dec-2009 19:16:50
> Branch: HEAD Handle: 2009120918165000
>
> Modified files:
> openssl/doc/ssl SSL_CTX_set_options.pod
>
> Log:
> clarify docs
>
> Summary:
> Revision Changes Path
> 1.17 +10 -9 openssl/doc/ssl/SSL_CTX_set_options.pod
> ____________________________________________________________________________
>
> patch -p0<<'@@ .'
> Index: openssl/doc/ssl/SSL_CTX_set_options.pod
> ============================================================================
> $ cvs diff -u -r1.16 -r1.17 SSL_CTX_set_options.pod
> --- openssl/doc/ssl/SSL_CTX_set_options.pod 9 Dec 2009 17:59:29 -0000 1.16
> +++ openssl/doc/ssl/SSL_CTX_set_options.pod 9 Dec 2009 18:16:50 -0000 1.17

...

> @@ -254,13 +254,14 @@
> whether an attack is taking place.
>
> If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then the
> -renegotiation between unpatched clients and patched servers is permitted as
> -well as initial connections and renegotiation between patched clients and
> -unpatched servers. This option should be used with caution because it leaves
> -both clients and servers vulnerable. However unpatched servers and clients are
> -likely to be around for some time and simply refusing to connect to unpatched
> -servers may well be considered unacceptable. So applications may be forced to
> -use this option for the immediate future.
> +above restrictions are relaxed. Renegotiation is permissible and initial
> +initial connections to unpatched servers will succeed.

"permissible and initial initial connections"
^^^^^^^^^^^^^^^

See also revision 1.15.2.2 in 1_0_0 and 1.13.2.5 in 0_9_8.

Regards,

Rainer
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

26C3

2009-12-10T14:09:23Z

Dear all,

are there any people from the OpenSSL project coming to the 26C3
conference in Berlin at the end of December?
( http://events.ccc.de/congress/2009/wiki/Welcome )

If so, I'd be interested in meeting up with you and have a chat about
how to get more involved in the project (until now, all I've done is
sending trivial patches for NULL checks ;-)

Best regards,

Martin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2126] Bug: Can't Connect via TLS through PHP v5.3.0/OpenSSL v0.9.8l

2009-12-09T11:12:25Z

Hi,

I've been trying to get a PHP script to connect via TLS to an email server
but I'm getting an error. In the end I thought I'd try it natively in
OpenSSL and I get the same error. If I use the following command:

openssl s_client -connect server.domain.com:587 -tls1

I get the following error:

CONNECTED(00000774)
1904:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:.\ssl\s3_pkt.c:284:

I'm using OpenSSL v0.9.8l, compiled for Windows. The PHP v5.3.0 build I have
gives me the same error, is it trying to use SSLv3 instead of TLS?

However, I found that if I entered this command into OpenSSL:

openssl s_client -starttls smtp -connect server.domain.com:587 -tls1

It worked and returned a collection of certificate information. I get the
impression that TLS can start unencrypted and then switch it up but is this
the real source of my problem, a lack of support in PHP for this
functionality? (See this post that gave me a clue --
http://forums.devnetwork.net/viewtopic.php?f=52&t=96525#p531211)

I'm no TLS/SSL expert so apologies if my terminology is wrong, I'm simply
trying to understand why my script isn't working.

Thanks,

Pablo

Hi,

I've been trying to get a PHP script to connect via TLS to an email server but I'm getting an error. In the end I thought I'd try it natively in OpenSSL and I get the same error. If I use the following command:

openssl s_client -connect server.domain.com:587 -tls1

I get the following error:

CONNECTED(00000774)
1904:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:.\ssl\s3_pkt.c:284:

I'm using OpenSSL v0.9.8l, compiled for Windows. The PHP v5.3.0 build I have gives me the same error, is it trying to use SSLv3 instead of TLS?

However, I found that if I entered this command into OpenSSL:

openssl s_client -starttls smtp -connect server.domain.com:587 -tls1

It worked and returned a collection of certificate information. I get the impression that TLS can start unencrypted and then switch it up but is this the real source of my problem, a lack of support in PHP for this functionality? (See this post that gave me a clue -- http://forums.devnetwork.net/viewtopic.php?f=52&t=96525#p531211)

I'm no TLS/SSL expert so apologies if my terminology is wrong, I'm simply trying to understand why my script isn't working.

Thanks,

Pablo

Error in 20091209 snaps

2009-12-09T05:28:34Z

:
eval 'exec perl -S $0 ${1+"$@"}'
if $running_under_some_shell;
##
## Configure -- OpenSSL source tree configuration script
##

require 5.000;
use strict;

# see INSTALL for instructions.

my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";

# Options:
#
# --openssldir install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
# --prefix option is given; /usr/local/ssl otherwise)
# --prefix prefix for the OpenSSL include, lib and bin directories
# (Default: the OPENSSLDIR directory)
#
# --install_prefix Additional prefix for package builders (empty by
# default). This needn't be set in advance, you can
# just as well use "make INSTALL_PREFIX=/whatever install".
#
# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected
# to live in the subdirectory lib/ and the header files in
# include/. A value is required.
# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is
# required.
# (Default: KRB5_DIR/lib)
# --with-krb5-include Declare where the Kerberos 5 header files live. A
# value is required.
# (Default: KRB5_DIR/include)
# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently
# supported values are "MIT" and "Heimdal". A value is required.
#
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
# --cross-compile-prefix Add specified prefix to binutils components.
#
# no-hw-xxx do not compile support for specific crypto hardware.
# Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware
# support isn't compiled.
# no-hw do not compile support for any crypto hardware.
# [no-]threads [don't] try to create a library that is suitable for
# multithreaded applications (default is "threads" if we
# know how to do it)
# [no-]shared [don't] try to create shared libraries when supported.
# no-asm do not use assembler
# no-dso do not compile in any native shared-library methods. This
# will ensure that all methods just return NULL.
# no-krb5 do not compile in any KRB5 library or code.
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
# 386 generate 80386 code
# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
#
# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
# provided to stack calls. Generates unique stack functions for
# each possible stack type.
# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
# dependancies but needs to more registers, good for RISC CPU's
# DES_RISC2 A different RISC variant.
# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
# This is used on the DEC Alpha where long is 8 bytes
# and int is 4
# BN_LLONG use the type 'long long' in crypto/bn/bn.h
# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on
# array lookups instead of pointer use.
# RC4_CHUNK enables code that handles data aligned at long (natural CPU
# word) boundary.
# RC4_CHUNK_LL enables code that handles data aligned at long long boundary
# (intended for 64-bit CPUs running 32-bit OS).
# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
# BF_PTR2 intel specific version (generic version is more efficient).
#
# Following are set automatically by this script
#
# MD5_ASM use some extra md5 assember,
# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
# RMD160_ASM use some extra ripemd160 assember,
# SHA256_ASM sha256_block is implemented in assembler
# SHA512_ASM sha512_block is implemented in assembler
# AES_ASM ASE_[en|de]crypt is implemented in assembler

# Minimum warning options... any contributions to OpenSSL should at least get
# past these.

my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";

my $strict_warnings = 0;

my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";

# MD2_CHAR slags pentium pros
my $x86_gcc_opts="RC4_INDEX MD2_INT";

# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
# Don't worry about these normally

my $tcc="cc";
my $tflags="-fast -Xa";
my $tbn_mul="";
my $tlib="-lnsl -lsocket";
#$bits1="SIXTEEN_BIT ";
#$bits2="THIRTY_TWO_BIT ";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";

my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes-586.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o";

my $x86_elf_asm="$x86_asm:elf";

my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o";
my $ia64_asm="ia64cpuid.o:bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::void";
my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::void";
my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::void";
my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::::::::void";
my $mips3_asm=":bn-mips3.o::::::::::::void";
my $s390x_asm="s390xcpuid.o:bn-s390x.o s390x-mont.o::aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::void";
my $armv4_asm=":bn_asm.o armv4-mont.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::void";
my $ppc32_asm="ppccpuid.o:bn-ppc.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::";
my $ppc64_asm="ppccpuid.o:bn-ppc.o ppc-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::";
my $no_asm=":::::::::::::void";

# As for $BSDthreads. Idea is to maintain "collective" set of flags,
# which would cover all BSD flavors. -pthread applies to them all,
# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
# which has to be accompanied by explicit -D_THREAD_SAFE and
# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
# seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";

#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib

my %table=(
# File 'TABLE' (created by 'make TABLE') contains the data from this list,
# formatted for better readability.

#"b", "${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
#"bl-4c-2c", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
#"bl-4c-ri", "${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
#"b2-is-ri-dp", "${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",

# Our development configs
"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-debug", "gcc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe::(unknown)::::::",
"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-x86_64", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"dist", "cc:-O::(unknown)::::::",

# Basic configs that should work on any (32 and less bit) box
"gcc", "gcc:-O3::(unknown):::BN_LLONG:::",
"cc", "cc:-O::(unknown)::::::",

####VOS Configurations
"vos-gcc","gcc:-O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
"debug-vos-gcc","gcc:-O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",

#### Solaris x86 with GNU C setups
# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
# here because whenever GNU C instantiates an assembler template it
# surrounds it with #APP #NO_APP comment pair which (at least Solaris
# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
# error message.
"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -shared -static-libgcc might appear controversial, but modules taken
# from static libgcc do not have relocations and linking them into our
# shared objects doesn't have any negative side-effects. On the contrary,
# doing so makes it possible to use gcc shared build with Sun C. Given
# that gcc generates faster code [thanks to inline assembler], I would
# actually recommend to consider using gcc shared build even with vendor
# compiler:-)
# <appro@...>
"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",

#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",

#### SPARC Solaris with GNU C setups
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

#### SPARC Solaris with Sun C setups
# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
# SC5.0 note: Compiler common patch 107357-01 or later is required!
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs::/64",
####
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

#### SunOS configs, assuming sparc for the gcc one.
#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",

#### IRIX 5.x configs
# -mips2 flag is added by ./config when appropriate.
"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IRIX 6.x configs
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
# './Configure irix-cc -o32' manually.
"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
# N64 ABI builds.
"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",

#### Unified HP-UX ANSI C configs.
# Special notes:
# - Originally we were optimizing at +O4 level. It should be noted
# that the only difference between +O3 and +O4 is global inter-
# procedural analysis. As it has to be performed during the link
# stage the compiler leaves behind certain pseudo-code in lib*.a
# which might be release or even patch level specific. Generating
# the machine code for and analyzing the *whole* program appears
# to be *extremely* memory demanding while the performance gain is
# actually questionable. The situation is intensified by the default
# HP-UX data set size limit (infamous 'maxdsiz' tunable) of 64MB
# which is way too low for +O4. In other words, doesn't +O3 make
# more sense?
# - Keep in mind that the HP compiler by default generates code
# suitable for execution on the host you're currently compiling at.
# If the toolkit is ment to be used on various PA-RISC processors
# consider './config +DAportable'.
# - +DD64 is chosen in favour of +DA2.0W because it's meant to be
# compatible with *future* releases.
# - If you run ./Configure hpux-parisc-[g]cc manually don't forget to
# pass -D_REENTRANT on HP-UX 10 and later.
# - -DMD32_XARRAY triggers workaround for compiler bug we ran into in
# 32-bit message digests. (For the moment of this writing) HP C
# doesn't seem to "digest" too many local variables (they make "him"
# chew forever:-). For more details look-up MD32_XARRAY comment in
# crypto/sha/sha_lcl.h.
# <appro@...>
#
# Since there is mention of this in shlib/hpux10-cc.sh
"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::::void:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",

# More attempts at unified 10.X and 11.X targets for HP C compiler.
#
# Chris Ruemmler <ruemmler@...>
# Kevin Steves <ks@...>
"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::::void:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::void:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",

# HP/UX IA-64 targets
"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
# Frank Geurts <frank.geurts@...> has patiently assisted with
# with debugging of the following config.
"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
# GCC builds...
"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",

# Legacy HPUX 9.X configs...
"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",

# DEC Alpha OSF/1/Tru64 targets.
#
# "What's in a name? That which we call a rose
# By any other word would smell as sweet."
#
# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
#
# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
#
"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
"osf1-alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",

####
#### Variety of LINUX:-)
####
# *-generic* is endian-neutral target, but ./config is free to
# throw in -D[BL]_ENDIAN, whichever appropriate...
"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# It's believed that majority of ARM toolchains predefine appropriate -march.
# If you compiler does not, do complement config command line with one!
"linux-armv4", "gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IA-32 targets...
"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
####
"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### SPARC Linux setups
# Ray Miller <ray.miller@...> has patiently
# assisted with debugging of following two configs.
"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# it's a real mess with -mcpu=ultrasparc option under Linux, but
# -Wa,-Av8plus should do the trick no matter what.
"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# GCC 3.1 is a requirement
"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### Alpha Linux with GNU C and Compaq C setups
# Special notes:
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
# ought to run './Configure linux-alpha+bwx-gcc' manually, do
# complement the command line with -mcpu=ev56, -mcpu=ev6 or whatever
# which is appropriate.
# - If you use ccc keep in mind that -fast implies -arch host and the
# compiler is free to issue instructions which gonna make elder CPU
# choke. If you wish to build "blended" toolkit, add -arch generic
# *after* -fast and invoke './Configure linux-alpha-ccc' manually.
#
# <appro@...>
#
"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",

#### *BSD [do see comment about ${BSDthreads} above!]
"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-sparcv8", "gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
# simply *happens* to work around a compiler bug in gcc 3.3.3,
# triggered by RIPEMD160 code.
"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

"debug-bsdi-x86-elf", "gcc:-DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -Wall -g::${BSDthreads}::-ldl -lm -lc:THIRY_TWO_BIT_LONG RC4_CHUNK BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

"nextstep", "cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
"nextstep3.3", "cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",

# NCR MP-RAS UNIX ver 02.03.01
"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",

# QNX
"qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
"QNX6", "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"QNX6-i386", "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

# BeOS
"beos-x86-r5", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
"beos-x86-bone", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lbind -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC:-shared:.so",

#### SCO/Caldera targets.
#
# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
# Now we only have blended unixware-* as it's the only one used by ./config.
# If you want to optimize for particular microarchitecture, bypass ./config
# and './Configure unixware-7 -Kpentium_pro' or whatever appropriate.
# Note that not all targets include assembler support. Mostly because of
# lack of motivation to support out-of-date platforms with out-of-date
# compiler drivers and assemblers. Tim Rice <tim@...> has
# patiently assisted to debug most of it.
#
# UnixWare 2.0x fails destest with -O.
"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# SCO 5 - Ben Laurie <ben@...> says the -O breaks the SCO cc.
"sco5-cc", "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"sco5-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

#### IBM's AIX.
"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
"aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X32",
"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
# at build time. $OBJECT_MODE is respected at ./config stage!
"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",

#
# Cray T90 and similar (SDSC)
# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
# defined. The T90 ints and longs are 8 bytes long, and apparently the
# B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and
# non L_ENDIAN code aligns the bytes in each word correctly.
#
# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
#'Taking the address of a bit field is not allowed. '
#'An expression with bit field exists as the operand of "sizeof" '
# (written by Wayne Schroeder <schroede@...>)
#
# j90 is considered the base machine type for unicos machines,
# so this configuration is now called "cray-j90" ...
"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG DES_INT:::",

#
# Cray T3E (Research Center Juelich, beckman@...)
#
# The BIT_FIELD_LIMITS define was written for the C90 (it seems). I added
# another use. Basically, the problem is that the T3E uses some bit fields
# for some st_addr stuff, and then sizeof and address-of fails
# I could not use the ams/alpha.o option because the Cray assembler, 'cam'
# did not like it.
"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:::",

# DGUX, 88100.
"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown):::RC4_INDEX DES_UNROLL:::",
"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",

# Sinix/ReliantUNIX RM400
# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g */
"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",

# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",

# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
# You need to compile using the c89.sh wrapper in the tools directory, because the
# IBM compiler does not like the -L switch after any object modules.
#
"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",

# Visual C targets
#
# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
# Unified CE target
"debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",

# Borland C++ 4.5
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",

# MinGW
"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DOPENSSL_NO_CAPIENG -fomit-frame-pointer -O3 -march=i486 -Wall:::MINGW32:-lws2_32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
# compiled with one compiler with application compiled with another
# compiler. It's possible to engage Applink support in mingw64 build,
# but it's not done, because till mingw64 supports structured exception
# handling, one can't seriously consider its binaries for using with
# non-mingw64 run-time environment. And as mingw64 is always consistent
# with itself, Applink is never engaged and can as well be omitted.
"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE:::MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",

# UWIN
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",

# Cygwin
"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:coff:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",

# NetWare from David Ward (dsward@...)
# requires either MetroWerks NLM development tools, or gcc / nlmconv
# NetWare defaults socket bio to WinSock sockets. However,
# the builds can be configured to use BSD sockets instead.
# netware-clib => legacy CLib c-runtime support
"netware-clib", "mwccnlm::::::${x86_gcc_opts}::",
"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::",
"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
# netware-libc => LibC/NKS support
"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",

# DJGPP
"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",

# Ultrix from Bernhard Simon <simon@...>
"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
# K&R C is no longer supported; you need gcc on old Ultrix installations
##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",

##### MacOS X (a.k.a. Rhapsody or Darwin) setup
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",

##### A/UX
"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",

##### Sony NEWS-OS 4.x
"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",

##### GNU Hurd
"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",

##### OS/2 EMX
"OS2-EMX", "gcc::::::::",

##### VxWorks for various targets
"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::${no_asm}::::::ranlibmips:",

##### Compaq Non-Stop Kernel (Tandem)
"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",

# uClinux
"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:::::::::::::::$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:::::::::::::::$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",

);

my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
VC-NT VC-CE VC-WIN32 debug-VC-WIN32
BC-32
netware-clib netware-clib-bsdsock
netware-libc netware-libc-bsdsock);

my $idx = 0;
my $idx_cc = $idx++;
my $idx_cflags = $idx++;
my $idx_unistd = $idx++;
my $idx_thread_cflag = $idx++;
my $idx_sys_id = $idx++;
my $idx_lflags = $idx++;
my $idx_bn_ops = $idx++;
my $idx_cpuid_obj = $idx++;
my $idx_bn_obj = $idx++;
my $idx_des_obj = $idx++;
my $idx_aes_obj = $idx++;
my $idx_bf_obj = $idx++;
my $idx_md5_obj = $idx++;
my $idx_sha1_obj = $idx++;
my $idx_cast_obj = $idx++;
my $idx_rc4_obj = $idx++;
my $idx_rmd160_obj = $idx++;
my $idx_rc5_obj = $idx++;
my $idx_wp_obj = $idx++;
my $idx_cmll_obj = $idx++;
my $idx_perlasm_scheme = $idx++;
my $idx_dso_scheme = $idx++;
my $idx_shared_target = $idx++;
my $idx_shared_cflag = $idx++;
my $idx_shared_ldflag = $idx++;
my $idx_shared_extension = $idx++;
my $idx_ranlib = $idx++;
my $idx_arflags = $idx++;
my $idx_multilib = $idx++;

my $prefix="";
my $libdir="";
my $openssldir="";
my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
my $no_dso=0;
my $no_gmp=0;
my @skip=();
my $Makefile="Makefile";
my $des_locl="crypto/des/des_locl.h";
my $des ="crypto/des/des.h";
my $bn ="crypto/bn/bn.h";
my $md2 ="crypto/md2/md2.h";
my $rc4 ="crypto/rc4/rc4.h";
my $rc4_locl="crypto/rc4/rc4_locl.h";
my $idea ="crypto/idea/idea.h";
my $rc2 ="crypto/rc2/rc2.h";
my $bf ="crypto/bf/bf_locl.h";
my $bn_asm ="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
my $aes_enc="aes_core.o aes_cbc.o";
my $bf_enc ="bf_enc.o";
my $cast_enc="c_enc.o";
my $rc4_enc="rc4_enc.o rc4_skey.o";
my $rc5_enc="rc5_enc.o";
my $md5_obj="";
my $sha1_obj="";
my $rmd160_obj="";
my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
my $processor="";
my $default_ranlib;
my $perl;

# All of the following is disabled by default (RC5 was enabled before 0.9.8):

my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
"gmp" => "default",
"jpake" => "experimental",
"md2" => "default",
"rc5" => "default",
"rfc3779" => "default",
"shared" => "default",
"store" => "experimental",
"zlib" => "default",
"zlib-dynamic" => "default"
);
my @experimental = ();

# This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"):
my $default_depflags = " -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE";

# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
# For symmetry, "disable-foo" is a synonym for "no-foo".

# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
# We will collect such requests in @experimental.
# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.

my $no_sse2=0;

&usage if ($#ARGV < 0);

my $flags;
my $depflags;
my $openssl_experimental_defines;
my $openssl_algorithm_defines;
my $openssl_thread_defines;
my $openssl_sys_defines="";
my $openssl_other_defines;
my $libs;
my $libkrb5="";
my $target;
my $options;
my $symlink;
my $make_depend=0;
my %withargs=();

my @argvcopy=@ARGV;
my $argvstring="";
my $argv_unprocessed=1;

while($argv_unprocessed)
{
$flags="";
$depflags="";
$openssl_experimental_defines="";
$openssl_algorithm_defines="";
$openssl_thread_defines="";
$openssl_sys_defines="";
$openssl_other_defines="";
$libs="";
$target="";
$options="";
$symlink=1;

$argv_unprocessed=0;
$argvstring=join(' ',@argvcopy);

PROCESS_ARGS:
foreach (@argvcopy)
{
s /^-no-/no-/; # some people just can't read the instructions

# rewrite some options in "enable-..." form
s /^-?-?shared$/enable-shared/;
s /^threads$/enable-threads/;
s /^zlib$/enable-zlib/;
s /^zlib-dynamic$/enable-zlib-dynamic/;

if (/^no-(.+)$/ || /^disable-(.+)$/)
{
if (!($disabled{$1} eq "experimental"))
{
if ($1 eq "ssl")
{
$disabled{"ssl2"} = "option(ssl)";
$disabled{"ssl3"} = "option(ssl)";
}
elsif ($1 eq "tls")
{
$disabled{"tls1"} = "option(tls)"
}
else
{
$disabled{$1} = "option";
}
}
}
elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
{
my $algo = $1;
if ($disabled{$algo} eq "experimental")
{
die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
unless (/^experimental-/);
push @experimental, $algo;
}
delete $disabled{$algo};

$threads = 1 if ($algo eq "threads");
}
elsif (/^--test-sanity$/)
{
exit(&test_sanity());
}
elsif (/^--strict-warnings/)
{
$strict_warnings = 1;
}
elsif (/^reconfigure/ || /^reconf/)
{
if (open(IN,"<$Makefile"))
{
while (<IN>)
{
chomp;
if (/^CONFIGURE_ARGS=(.*)/)
{
$argvstring=$1;
@argvcopy=split(' ',$argvstring);
die "Incorrect data to reconfigure, please do a normal configuration\n"
if (grep(/^reconf/,@argvcopy));
print "Reconfiguring with: $argvstring\n";
$argv_unprocessed=1;
close(IN);
last PROCESS_ARGS;
}
}
close(IN);
}
die "Insufficient data to reconfigure, please do a normal configuration\n";
}
elsif (/^386$/)
{ $processor=386; }
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
# The check for the option is there so scripts aren't
# broken
}
elsif (/^[-+]/)
{
if (/^-[lL](.*)$/ or /^-Wl,/)
{
$libs.=$_." ";
}
elsif (/^-[^-]/ or /^\+/)
{
$flags.=$_." ";
}
elsif (/^--prefix=(.*)$/)
{
$prefix=$1;
}
elsif (/^--libdir=(.*)$/)
{
$libdir=$1;
}
elsif (/^--openssldir=(.*)$/)
{
$openssldir=$1;
}
elsif (/^--install.prefix=(.*)$/)
{
$install_prefix=$1;
}
elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
{
$withargs{"krb5-".$1}=$2;
}
elsif (/^--with-zlib-lib=(.*)$/)
{
$withargs{"zlib-lib"}=$1;
}
elsif (/^--with-zlib-include=(.*)$/)
{
$withargs{"zlib-include"}="-I$1";
}
elsif (/^--cross-compile-prefix=(.*)$/)
{
$cross_compile_prefix=$1;
}
else
{
print STDERR $usage;
exit(1);
}
}
elsif ($_ =~ /^([^:]+):(.+)$/)
{
eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
$target=$1;
}
else
{
die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
$target=$_;
}

unless ($_ eq $target || /^no-/ || /^disable-/)
{
# "no-..." follows later after implied disactivations
# have been derived. (Don't take this too seroiusly,
# we really only write OPTIONS to the Makefile out of
# nostalgia.)

if ($options eq "")
{ $options = $_; }
else
{ $options .= " ".$_; }
}
}
}

if ($processor eq "386")
{
$disabled{"sse2"} = "forced";
}

if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
{
$disabled{"krb5"} = "krb5-flavor not specified";
}

if (!defined($disabled{"zlib-dynamic"}))
{
# "zlib-dynamic" was specifically enabled, so enable "zlib"
delete $disabled{"zlib"};
}

if (defined($disabled{"rijndael"}))
{
$disabled{"aes"} = "forced";
}
if (defined($disabled{"des"}))
{
$disabled{"mdc2"} = "forced";
}
if (defined($disabled{"ec"}))
{
$disabled{"ecdsa"} = "forced";
$disabled{"ecdh"} = "forced";
}

# SSL 2.0 requires MD5 and RSA
if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
{
$disabled{"ssl2"} = "forced";
}

# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
&& (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
{
$disabled{"ssl3"} = "forced";
$disabled{"tls1"} = "forced";
}

if (defined($disabled{"tls1"}))
{
$disabled{"tlsext"} = "forced";
}

if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
|| defined($disabled{"dh"}))
{
$disabled{"gost"} = "forced";
}

if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);
}
exit 0;
}

if ($target eq "LIST") {
foreach (sort keys %table) {
print;
print "\n";
}
exit 0;
}

if ($target =~ m/^CygWin32(-.*)$/) {
$target = "Cygwin".$1;
}

print "Configuring for $target\n";

&usage if (!defined($table{$target}));

foreach (sort (keys %disabled))
{
$options .= " no-$_";

printf " no-%-12s %-10s", $_, "[$disabled{$_}]";

if (/^dso$/)
{ $no_dso = 1; }
elsif (/^threads$/)
{ $no_threads = 1; }
elsif (/^shared$/)
{ $no_shared = 1; }
elsif (/^zlib$/)
{ $zlib = 0; }
elsif (/^static-engine$/)
{ }
elsif (/^zlib-dynamic$/)
{ }
elsif (/^symlinks$/)
{ $symlink = 0; }
elsif (/^sse2$/)
{ $no_sse2 = 1; }
else
{
my ($ALGO, $algo);
($ALGO = $algo = $_) =~ tr/[a-z]/[A-Z]/;

if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
{
$openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";

if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; }
elsif (/^asm$/) { $no_asm = 1; }
}
else
{
$openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";

if (/^krb5$/)
{ $no_krb5 = 1; }
else
{
push @skip, $algo;
print " (skip dir)";

$depflags .= " -DOPENSSL_NO_$ALGO";
}
}
}

print "\n";
}

my $exp_cflags = "";
foreach (sort @experimental)
{
my $ALGO;
($ALGO = $_) =~ tr/[a-z]/[A-Z]/;

# opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
$openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
$exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
}

my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;

$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
$exe_ext=".nlm" if ($target =~ /netware/);
$exe_ext=".pm" if ($target =~ /vos/);
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";

$libdir="lib" if $libdir eq "";

$default_ranlib= &which("ranlib") or $default_ranlib="true";
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
or $perl="perl";
my $make = $ENV{'MAKE'} || "make";

$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";

chop $openssldir if $openssldir =~ /\/$/;
chop $prefix if $prefix =~ /.\/$/;

$openssldir=$prefix . "/ssl" if $openssldir eq "";
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;

print "IsMK1MF=$IsMK1MF\n";

my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
my $cc = $fields[$idx_cc];
# Allow environment CC to override compiler...
if($ENV{CC}) {
$cc = $ENV{CC};
}
my $cflags = $fields[$idx_cflags];
my $unistd = $fields[$idx_unistd];
my $thread_cflag = $fields[$idx_thread_cflag];
my $sys_id = $fields[$idx_sys_id];
my $lflags = $fields[$idx_lflags];
my $bn_ops = $fields[$idx_bn_ops];
my $cpuid_obj = $fields[$idx_cpuid_obj];
my $bn_obj = $fields[$idx_bn_obj];
my $des_obj = $fields[$idx_des_obj];
my $aes_obj = $fields[$idx_aes_obj];
my $bf_obj = $fields[$idx_bf_obj];
my $md5_obj = $fields[$idx_md5_obj];
my $sha1_obj = $fields[$idx_sha1_obj];
my $cast_obj = $fields[$idx_cast_obj];
my $rc4_obj = $fields[$idx_rc4_obj];
my $rmd160_obj = $fields[$idx_rmd160_obj];
my $rc5_obj = $fields[$idx_rc5_obj];
my $wp_obj = $fields[$idx_wp_obj];
my $cmll_obj = $fields[$idx_cmll_obj];
my $perlasm_scheme = $fields[$idx_perlasm_scheme];
my $dso_scheme = $fields[$idx_dso_scheme];
my $shared_target = $fields[$idx_shared_target];
my $shared_cflag = $fields[$idx_shared_cflag];
my $shared_ldflag = $fields[$idx_shared_ldflag];
my $shared_extension = $fields[$idx_shared_extension];
my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags];
my $multilib = $fields[$idx_multilib];

$cflags = "$cflags$exp_cflags";

# '%' in $lflags is used to split flags to "pre-" and post-flags
my ($prelflags,$postlflags)=split('%',$lflags);
if (defined($postlflags)) { $lflags=$postlflags; }
else { $lflags=$prelflags; undef $prelflags; }

my $no_shared_warn=0;
my $no_user_cflags=0;

if ($flags ne "") { $cflags="$flags$cflags"; }
else { $no_user_cflags=1; }

# Kerberos settings. The flavor must be provided from outside, either through
# the script "config" or manually.
if (!$no_krb5)
{
my ($lresolv, $lpath, $lext);
if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
{
die "Sorry, Heimdal is currently not supported\n";
}
##### HACK to force use of Heimdal.
##### WARNING: Since we don't really have adequate support for Heimdal,
##### using this will break the build. You'll have to make
##### changes to the source, and if you do, please send
##### patches to openssl-dev@...
if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
{
warn "Heimdal isn't really supported. Your build WILL break\n";
warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
$withargs{"krb5-dir"} = "/usr/heimdal"
if $withargs{"krb5-dir"} eq "";
$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
"/lib -lgssapi -lkrb5 -lcom_err"
if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
$cflags="-DKRB5_HEIMDAL $cflags";
}
if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
{
$withargs{"krb5-dir"} = "/usr/kerberos"
if $withargs{"krb5-dir"} eq "";
$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
"/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
$cflags="-DKRB5_MIT $cflags";
$withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
{
$cflags="-DKRB5_MIT_OLD11 $cflags";
}
}
LRESOLV:
foreach $lpath ("/lib", "/usr/lib")
{
foreach $lext ("a", "so")
{
$lresolv = "$lpath/libresolv.$lext";
last LRESOLV if (-r "$lresolv");
$lresolv = "";
}
}
$withargs{"krb5-lib"} .= " -lresolv"
if ("$lresolv" ne "");
$withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
if $withargs{"krb5-include"} eq "" &&
$withargs{"krb5-dir"} ne "";
}

# The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
# has support compiled in for them. Currently each method is enabled
# by a define "DSO_<name>" ... we translate the "dso_scheme" config
# string entry into using the following logic;
my $dso_cflags;
if (!$no_dso && $dso_scheme ne "")
{
$dso_scheme =~ tr/[a-z]/[A-Z]/;
if ($dso_scheme eq "DLFCN")
{
$dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
}
elsif ($dso_scheme eq "DLFCN_NO_H")
{
$dso_cflags = "-DDSO_DLFCN";
}
else
{
$dso_cflags = "-DDSO_$dso_scheme";
}
$cflags = "$dso_cflags $cflags";
}

my $thread_cflags;
my $thread_defines;
if ($thread_cflag ne "(unknown)" && !$no_threads)
{
# If we know how to do it, support threads by default.
$threads = 1;
}
if ($thread_cflag eq "(unknown)" && $threads)
{
# If the user asked for "threads", [s]he is also expected to
# provide any system-dependent compiler options that are
# necessary.
if ($no_user_cflags)
{
print "You asked for multi-threading support, but didn't\n";
print "provide any system-specific compiler options\n";
exit(1);
}
$thread_cflags="-DOPENSSL_THREADS $cflags" ;
$thread_defines .= "#define OPENSSL_THREADS\n";
}
else
{
$thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
$thread_defines .= "#define OPENSSL_THREADS\n";
# my $def;
# foreach $def (split ' ',$thread_cflag)
# {
# if ($def =~ s/^-D// && $def !~ /^_/)
# {
# $thread_defines .= "#define $def\n";
# }
# }
}

$lflags="$libs$lflags" if ($libs ne "");

if ($no_asm)
{
$cpuid_obj=$bn_obj=
$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj="";
}

if (!$no_shared)
{
$cast_obj=""; # CAST assembler is not PIC
}

if ($threads)
{
$cflags=$thread_cflags;
$openssl_thread_defines .= $thread_defines;
}

if ($zlib)
{
$cflags = "-DZLIB $cflags";
if (defined($disabled{"zlib-dynamic"}))
{
if (defined($withargs{"zlib-lib"}))
{
$lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
}
else
{
$lflags = "$lflags -lz";
}
}
else
{
$cflags = "-DZLIB_SHARED $cflags";
}
}

# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
my $shared_mark = "";
if ($shared_target eq "")
{
$no_shared_warn = 1 if !$no_shared;
$no_shared = 1;
}
if (!$no_shared)
{
if ($shared_cflag ne "")
{
$cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
}
}

if (!$IsMK1MF)
{
# add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
if ($no_shared)
{
$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
$options.=" static-engine";
}
else
{
$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
$options.=" no-static-engine";
}
}

$cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);

#
# Platform fix-ups
#
if ($target =~ /\-icc$/) # Intel C compiler
{
my $iccver=0;
if (open(FD,"$cc -V 2>&1 |"))
{
while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
close(FD);
}
if ($iccver>=8)
{
# Eliminate unnecessary dependency from libirc.a. This is
# essential for shared library support, as otherwise
# apps/openssl can end up in endless loop upon startup...
$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
}
if ($iccver>=9)
{
$cflags.=" -i-static";
$cflags=~s/\-no_cpprt/-no-cpprt/;
}
if ($iccver>=10)
{
$cflags=~s/\-i\-static/-static-intel/;
}
}

# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
# .so objects. Apparently application RPATH is not global and does
# not apply to .so linked with other .so. Problem manifests itself
# when libssl.so fails to load libcrypto.so. One can argue that we
# should engrave this into Makefile.shared rules or into BSD-* config
# lines above. Meanwhile let's try to be cautious and pass -rpath to
# linker only when --prefix is not /usr.
if ($target =~ /^BSD\-/)
{
$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
}

if ($sys_id ne "")
{
#$cflags="-DOPENSSL_SYSNAME_$sys_id $cflags";
$openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n";
}

if ($ranlib eq "")
{
$ranlib = $default_ranlib;
}

#my ($bn1)=split(/\s+/,$bn_obj);
#$bn1 = "" unless defined $bn1;
#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
#$bn_obj="$bn1";

$cpuid_obj="" if ($processor eq "386");

$bn_obj = $bn_asm unless $bn_obj ne "";
# bn-586 is the only one implementing bn_*_part_words
$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);

$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);

$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
if ($sha1_obj =~ /\.o$/)
{
# $sha1_obj=$sha1_enc;
$cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
$cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
$cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
if ($sha1_obj =~ /sse2/)
{ if ($no_sse2)
{ $sha1_obj =~ s/\S*sse2\S+//; }
elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
{ $cflags.=" -DOPENSSL_IA32_SSE2"; }
}
}
if ($md5_obj =~ /\.o$/)
{
# $md5_obj=$md5_enc;
$cflags.=" -DMD5_ASM";
}
if ($rmd160_obj =~ /\.o$/)
{
# $rmd160_obj=$rmd160_enc;
$cflags.=" -DRMD160_ASM";
}
if ($aes_obj =~ /\.o$/)
{
$cflags.=" -DAES_ASM";
}
else {
$aes_obj=$aes_enc;
}
$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
if ($wp_obj =~ /\.o$/)
{
$cflags.=" -DWHIRLPOOL_ASM";
}
else {
$wp_obj="wp_block.o";
}
$cmll_obj=$cmll_enc unless ($cmll_obj =~ /.o$/);

# "Stringify" the C flags string. This permits it to be made part of a string
# and works as well on command lines.
$cflags =~ s/([\\\"])/\\\1/g;

my $version = "unknown";
my $version_num = "unknown";
my $major = "unknown";
my $minor = "unknown";
my $shlib_version_number = "unknown";
my $shlib_version_history = "unknown";
my $shlib_major = "unknown";
my $shlib_minor = "unknown";

open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>)
{
$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
$version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/;
$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
}
close(IN);
if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }

if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
{
$major=$1;
$minor=$2;
}

if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
{
$shlib_major=$1;
$shlib_minor=$2;
}

if ($strict_warnings)
{
my $wopt;
die "ERROR --strict-warnings requires gcc" unless ($cc =~ /gcc$/);
foreach $wopt (split /\s+/, $gcc_devteam_warn)
{
$cflags .= " $wopt" unless ($cflags =~ /$wopt/)
}
}

open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
my $sdirs=0;
while (<IN>)
{
chomp;
$sdirs = 1 if /^SDIRS=/;
if ($sdirs) {
my $dir;
foreach $dir (@skip) {
s/(\s)$dir /$1/;
s/\s$dir$//;
}
}
$sdirs = 0 unless /\\$/;
s/engines // if (/^DIRS=/ && $disabled{"engine"});
s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
s/^VERSION=.*/VERSION=$version/;
s/^MAJOR=.*/MAJOR=$major/;
s/^MINOR=.*/MINOR=$minor/;
s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
s/^MULTILIB=.*$/MULTILIB=$multilib/;
s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
s/^LIBDIR=.*$/LIBDIR=$libdir/;
s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
s/^PLATFORM=.*$/PLATFORM=$target/;
s/^OPTIONS=.*$/OPTIONS=$options/;
s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
if ($cross_compile_prefix)
{
s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$$CROSS_COMPILE$$cc/;
s/^AR=\s*/AR= \$$CROSS_COMPILE$/;
s/^NM=\s*/NM= \$$CROSS_COMPILE$/;
s/^RANLIB=\s*/RANLIB= \$$CROSS_COMPILE$/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$$CROSS_COMPILE$$cc/ if $cc eq "gcc";
}
else {
s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
}
s/^CFLAG=.*$/CFLAG= $cflags/;
s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
s/^DES_ENC=.*$/DES_ENC= $des_obj/;
s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
{
my $sotmp = $1;
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
{
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
{
my $sotmp = $1;
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
{
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
}
s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
print OUT $_."\n";
}
close(IN);
close(OUT);
rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";

print "CC =$cc\n";
print "CFLAG =$cflags\n";
print "EX_LIBS =$lflags\n";
print "CPUID_OBJ =$cpuid_obj\n";
print "BN_ASM =$bn_obj\n";
print "DES_ENC =$des_obj\n";
print "AES_ENC =$aes_obj\n";
print "BF_ENC =$bf_obj\n";
print "CAST_ENC =$cast_obj\n";
print "RC4_ENC =$rc4_obj\n";
print "RC5_ENC =$rc5_obj\n";
print "MD5_OBJ_ASM =$md5_obj\n";
print "SHA1_OBJ_ASM =$sha1_obj\n";
print "RMD160_OBJ_ASM=$rmd160_obj\n";
print "CMLL_ENC= =$cmll_obj\n";
print "PROCESSOR =$processor\n";
print "RANLIB =$ranlib\n";
print "ARFLAGS =$arflags\n";
print "PERL =$perl\n";
print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
if $withargs{"krb5-include"} ne "";

my $des_ptr=0;
my $des_risc1=0;
my $des_risc2=0;
my $des_unroll=0;
my $bn_ll=0;
my $def_int=2;
my $rc4_int=$def_int;
my $md2_int=$def_int;
my $idea_int=$def_int;
my $rc2_int=$def_int;
my $rc4_idx=0;
my $rc4_chunk=0;
my $bf_ptr=0;
my @type=("char","short","int","long");
my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
my $export_var_as_fn=0;

my $des_int;

foreach (sort split(/\s+/,$bn_ops))
{
$des_ptr=1 if /DES_PTR/;
$des_risc1=1 if /DES_RISC1/;
$des_risc2=1 if /DES_RISC2/;
$des_unroll=1 if /DES_UNROLL/;
$des_int=1 if /DES_INT/;
$bn_ll=1 if /BN_LLONG/;
$rc4_int=0 if /RC4_CHAR/;
$rc4_int=3 if /RC4_LONG/;
$rc4_idx=1 if /RC4_INDEX/;
$rc4_chunk=1 if /RC4_CHUNK/;
$rc4_chunk=2 if /RC4_CHUNK_LL/;
$md2_int=0 if /MD2_CHAR/;
$md2_int=3 if /MD2_LONG/;
$idea_int=1 if /IDEA_SHORT/;
$idea_int=3 if /IDEA_LONG/;
$rc2_int=1 if /RC2_SHORT/;
$rc2_int=3 if /RC2_LONG/;
$bf_ptr=1 if $_ eq "BF_PTR";
$bf_ptr=2 if $_ eq "BF_PTR2";
($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
$export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
}

open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
print OUT "/* opensslconf.h */\n";
print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";

print OUT "/* OpenSSL was configured with the following options: */\n";
my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg;
$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg;
$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
print OUT $openssl_sys_defines;
print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
print OUT $openssl_experimental_defines;
print OUT "\n";
print OUT $openssl_algorithm_defines;
print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
print OUT $openssl_thread_defines;
print OUT $openssl_other_defines,"\n";

print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
print OUT " asks for it. This is a transient feature that is provided for those\n";
print OUT " who haven't had the time to do the appropriate changes in their\n";
print OUT " applications. */\n";
print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
print OUT $openssl_algorithm_defines_trans;
print OUT "#endif\n\n";

print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");

while (<IN>)
{
if (/^#define\s+OPENSSLDIR/)
{
my $foo = $openssldir;
$foo =~ s/\\/\\\\/g;
print OUT "#define OPENSSLDIR \"$foo\"\n";
}
elsif (/^#define\s+ENGINESDIR/)
{
# $foo is to become "$prefix/lib$multilib/engines";
# as Makefile.org and engines/Makefile are adapted for
# $multilib suffix.
my $foo = "$prefix/lib/engines";
$foo =~ s/\\/\\\\/g;
print OUT "#define ENGINESDIR \"$foo\"\n";
}
elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
if $export_var_as_fn;
printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
($export_var_as_fn)?"define":"undef"; }
elsif (/^#define\s+OPENSSL_UNISTD/)
{
$unistd = "<unistd.h>" if $unistd eq "";
print OUT "#define OPENSSL_UNISTD $unistd\n";
}
elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
{ printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
{ printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
{ printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
{ printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
{ printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
{ printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
elsif (/^\#define\s+DES_LONG\s+.*/)
{ printf OUT "#define DES_LONG unsigned %s\n",
($des_int)?'int':'long'; }
elsif (/^\#(define|undef)\s+DES_PTR/)
{ printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
elsif (/^\#(define|undef)\s+DES_RISC1/)
{ printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
elsif (/^\#(define|undef)\s+DES_RISC2/)
{ printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
elsif (/^\#(define|undef)\s+DES_UNROLL/)
{ printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
elsif (/^#define\s+RC4_INT\s/)
{ printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
elsif (/^#undef\s+RC4_CHUNK/)
{
printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
}
elsif (/^#((define)|(undef))\s+RC4_INDEX/)
{ printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
elsif (/^#(define|undef)\s+I386_ONLY/)
{ printf OUT "#%s I386_ONLY\n", ($processor eq "386")?
"define":"undef"; }
elsif (/^#define\s+MD2_INT\s/)
{ printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
elsif (/^#define\s+IDEA_INT\s/)
{printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
elsif (/^#define\s+RC2_INT\s/)
{printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
elsif (/^#(define|undef)\s+BF_PTR/)
{
printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
}
else
{ print OUT $_; }
}
close(IN);
close(OUT);
rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";

# Fix the date

print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
print "SIXTY_FOUR_BIT mode\n" if $b64;
print "THIRTY_TWO_BIT mode\n" if $b32;
print "SIXTEEN_BIT mode\n" if $b16;
print "EIGHT_BIT mode\n" if $b8;
print "DES_PTR used\n" if $des_ptr;
print "DES_RISC1 used\n" if $des_risc1;
print "DES_RISC2 used\n" if $des_risc2;
print "DES_UNROLL used\n" if $des_unroll;
print "DES_INT used\n" if $des_int;
print "BN_LLONG mode\n" if $bn_ll;
print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
print "RC4_INDEX mode\n" if $rc4_idx;
print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
print "BF_PTR used\n" if $bf_ptr == 1;
print "BF_PTR2 used\n" if $bf_ptr == 2;

if($IsMK1MF) {
open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
printf OUT <<EOF;
#ifndef MK1MF_BUILD
/* auto-generated by Configure for crypto/cversion.c:
* for Unix builds, crypto/Makefile.ssl generates functional definitions;
* Windows builds (and other mk1mf builds) compile cversion.c with
* -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
#error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
#endif
EOF
close(OUT);
} else {
my $make_command = "$make PERL=\'$perl\'";
my $make_targets = "";
$make_targets .= " links" if $symlink;
$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
$make_targets .= " gentests" if $symlink;
(system $make_command.$make_targets) == 0 or exit $?
if $make_targets ne "";
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
} else {
# No path for Perl known ...
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne $default_depflags && !$make_depend) {
print <<EOF;

Since you've disabled or enabled at least one algorithm, you need to do
the following before building:

make depend
EOF
}
}

# create the ms/version32.rc file if needed
if ($IsMK1MF && ($target !~ /^netware/)) {
my ($v1, $v2, $v3, $v4);
if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
$v1=hex $1;
$v2=hex $2;
$v3=hex $3;
$v4=hex $4;
}
open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc";
print OUT <<EOF;
#include <winver.h>

LANGUAGE 0x09,0x01

1 VERSIONINFO
FILEVERSION $v1,$v2,$v3,$v4
PRODUCTVERSION $v1,$v2,$v3,$v4
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x01L
#else
FILEFLAGS 0x00L
#endif
FILEOS VOS__WINDOWS32
FILETYPE VFT_DLL
FILESUBTYPE 0x0L
BEGIN
BLOCK "StringFileInfo"
BEGIN
BLOCK "040904b0"
BEGIN
// Required:
VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
VALUE "FileDescription", "OpenSSL Shared Library\\0"
VALUE "FileVersion", "$version\\0"
#if defined(CRYPTO)
VALUE "InternalName", "libeay32\\0"
VALUE "OriginalFilename", "libeay32.dll\\0"
#elif defined(SSL)
VALUE "InternalName", "ssleay32\\0"
VALUE "OriginalFilename", "ssleay32.dll\\0"
#endif
VALUE "ProductName", "The OpenSSL Toolkit\\0"
VALUE "ProductVersion", "$version\\0"
// Optional:
//VALUE "Comments", "\\0"
VALUE "LegalCopyright", "Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
//VALUE "LegalTrademarks", "\\0"
//VALUE "PrivateBuild", "\\0"
//VALUE "SpecialBuild", "\\0"
END
END
BLOCK "VarFileInfo"
BEGIN
VALUE "Translation", 0x409, 0x4b0
END
END
EOF
close(OUT);
}

print <<EOF;

Configured for $target.
EOF

print <<\EOF if (!$no_threads && !$threads);

The library could not be configured for supporting multi-threaded
applications as the compiler options required on this system are not known.
See file INSTALL for details if you need multi-threading.
EOF

print <<\EOF if ($no_shared_warn);

You gave the option 'shared'. Normally, that would give you shared libraries.
Unfortunately, the OpenSSL configuration doesn't include shared library support
for this platform yet, so it will pretend you gave the option 'no-shared'. If
you can inform the developpers (openssl-dev\@openssl.org) how to support shared
libraries on this platform, they will at least look at it and try their best
(but please first make sure you have tried with a current version of OpenSSL).
EOF

exit(0);

sub usage
{
print STDERR $usage;
print STDERR "\npick os/compiler from:\n";
my $j=0;
my $i;
my $k=0;
foreach $i (sort keys %table)
{
next if $i =~ /^debug/;
$k += length($i) + 1;
if ($k > 78)
{
print STDERR "\n";
$k=length($i);
}
print STDERR $i . " ";
}
foreach $i (sort keys %table)
{
next if $i !~ /^debug/;
$k += length($i) + 1;
if ($k > 78)
{
print STDERR "\n";
$k=length($i);
}
print STDERR $i . " ";
}
print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
exit(1);
}

sub which
{
my($name)=@_;
my $path;
foreach $path (split /:/, $ENV{PATH})
{
if (-f "$path/$name$exe_ext" and -x _)
{
return "$path/$name$exe_ext" unless ($name eq "perl" and
system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\''));
}
}
}

sub dofile
{
my $f; my $p; my %m; my @a; my $k; my $ff;
($f,$p,%m)=@_;

open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
@a=<IN>;
close(IN);
foreach $k (keys %m)
{
grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
}
open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
print OUT @a;
close(OUT);
rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
rename("$f.new",$f) || die "unable to rename $f.new\n";
}

sub print_table_entry
{
my $target = shift;

(my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
my $rc5_obj,my $wp_obj,my $cmll_obj,my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);

print <<EOF

*** $target
\$cc = $cc
\$cflags = $cflags
\$unistd = $unistd
\$thread_cflag = $thread_cflag
\$sys_id = $sys_id
\$lflags = $lflags
\$bn_ops = $bn_ops
\$cpuid_obj = $cpuid_obj
\$bn_obj = $bn_obj
\$des_obj = $des_obj
\$aes_obj = $aes_obj
\$bf_obj = $bf_obj
\$md5_obj = $md5_obj
\$sha1_obj = $sha1_obj
\$cast_obj = $cast_obj
\$rc4_obj = $rc4_obj
\$rmd160_obj = $rmd160_obj
\$rc5_obj = $rc5_obj
\$wp_obj = $wp_obj
\$cmll_obj = $cmll_obj
\$perlasm_scheme = $perlasm_scheme
\$dso_scheme = $dso_scheme
\$shared_target= $shared_target
\$shared_cflag = $shared_cflag
\$shared_ldflag = $shared_ldflag
\$shared_extension = $shared_extension
\$ranlib = $ranlib
\$arflags = $arflags
\$multilib = $multilib
EOF
}

sub test_sanity
{
my $errorcnt = 0;

print STDERR "=" x 70, "\n";
print STDERR "=== SANITY TESTING!\n";
print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
print STDERR "=" x 70, "\n";

foreach $target (sort keys %table)
{
@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);

if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
print STDERR " in the previous field\n";
}
elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
print STDERR " in the following field\n";
}
elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
print STDERR " valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
}
}
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
return $errorcnt;
}
--
Member - Liberal International This is doctor@... Ici doctor@...
God, Queen and country! Never Satan President Republic! Beware AntiChrist rising!
http://twitter.com/rootnl2k http://www.myspace.com/502748630
Merry Christmas 2009 and Happy New Year 2010
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2125] [PATCH] Fixup compilation for gcc-aix target

2009-12-09T00:23:22Z

sltest.c:157:1: error: "_XOPEN_SOURCE" redefined
In file included from /opt/freeware/lib/gcc/powerpc-ibm-aix5.3.0.0/4.2.0/include/assert.h:64,
from ssltest.c:146:
/usr/include/standards.h:114:1: error: this is the location of the previous definition
make: 1254-004 The error code from the last command is 1.

Stop.
make: 1254-004 The error code from the last command is 1.

diff -urNp openssl-1.0.0-beta4.org/ssl/ssltest.c openssl-1.0.0-beta4/ssl/ssltest.c
--- openssl-1.0.0-beta4.org/ssl/ssltest.c 2009-01-08 01:44:27.000000000 +0200
+++ openssl-1.0.0-beta4/ssl/ssltest.c 2009-11-21 09:24:46.001175088 +0200
@@ -143,6 +143,9 @@
#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
on Linux and GNU platforms. */

+#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
+ VMS (at least with DECompHP C). */
+
#include <assert.h>
#include <errno.h>
#include <limits.h>
@@ -154,8 +157,6 @@
#define USE_SOCKETS
#include "e_os.h"

-#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
- VMS (at least with DECompHP C). */
#include <ctype.h>

#include <openssl/bio.h>

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: [openssl.org #2124] memory mismanagement in OpenSSL (patch included against 0.9.8l)

2009-12-08T04:12:55Z

On Tue, 8 Dec 2009, Jan Pechanec wrote:

sorry, forgot to include a link to the OpenSolaris bugster:

http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6441083

with an explanation of a person who reported the problem.

J.

>
> hi,
>
> there are some places where functions allocating memory are not
>checked against NULL, or are checked too late (LHASH code). We run some
>tests with libumem(3lib) and "mtbf=5000" (mean time between failure) in
>UMEM_DEBUG, simulating occasional memory shortages and that was causing
>OpenSSL to crash.
>
> the changes have been used here at Sun internally for 2 years
>against 0.9.8a. Attached is a patch generated against 0.9.8l. "make
>test" passes on the changed code after rebuilding it.
>
> thanks, Jan.
>
>

--
Jan Pechanec

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2124] memory mismanagement in OpenSSL (patch included against 0.9.8l)

2009-12-08T04:11:45Z

hi,

there are some places where functions allocating memory are not
checked against NULL, or are checked too late (LHASH code). We run some
tests with libumem(3lib) and "mtbf=5000" (mean time between failure) in
UMEM_DEBUG, simulating occasional memory shortages and that was causing
OpenSSL to crash.

the changes have been used here at Sun internally for 2 years
against 0.9.8a. Attached is a patch generated against 0.9.8l. "make
test" passes on the changed code after rebuilding it.

thanks, Jan.

--
Jan Pechanec

diff -ur openssl-0.9.8l/crypto/evp/digest.c openssl-0.9.8l-patched//crypto/evp/digest.c
--- openssl-0.9.8l/crypto/evp/digest.c Tue Sep 16 00:21:40 2008
+++ openssl-0.9.8l-patched//crypto/evp/digest.c Tue Dec 8 12:06:21 2009
@@ -127,7 +127,8 @@
{
EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);

- EVP_MD_CTX_init(ctx);
+ if (ctx)
+ EVP_MD_CTX_init(ctx);

return ctx;
}
@@ -299,7 +300,14 @@
OPENSSL_free(ctx->md_data);
ctx->digest=type;
if (type->ctx_size)
+ {
ctx->md_data=OPENSSL_malloc(type->ctx_size);
+ if (!ctx->md_data)
+ {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
}
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
@@ -380,8 +388,17 @@

if (out->digest->ctx_size)
{
- if (tmp_buf) out->md_data = tmp_buf;
- else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+ if (tmp_buf)
+ out->md_data = tmp_buf;
+ else
+ {
+ out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+ if (!out->md_data)
+ {
+ EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
memcpy(out->md_data,in->md_data,out->digest->ctx_size);
}

diff -ur openssl-0.9.8l/crypto/lhash/lhash.c openssl-0.9.8l-patched//crypto/lhash/lhash.c
--- openssl-0.9.8l/crypto/lhash/lhash.c Sun Jan 21 14:16:32 2007
+++ openssl-0.9.8l-patched//crypto/lhash/lhash.c Tue Dec 8 12:06:21 2009
@@ -305,16 +305,40 @@
static void expand(LHASH *lh)
{
LHASH_NODE **n,**n1,**n2,*np;
- unsigned int p,i,j;
+ unsigned int p,i,j,pmax;
unsigned long hash,nni;

+ p=(int)lh->p++;
+ nni=lh->num_alloc_nodes;
+ pmax=lh->pmax;
+
+ if ((lh->p) >= lh->pmax)
+ {
+ j=(int)lh->num_alloc_nodes*2;
+ n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
+ (int)sizeof(LHASH_NODE *)*j);
+ if (n == NULL)
+ {
+/* fputs("realloc error in lhash",stderr); */
+ lh->error++;
+ lh->p=0;
+ return;
+ }
+ /* else */
+ for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
+ n[i]=NULL; /* 02/03/92 eay */
+ lh->pmax=lh->num_alloc_nodes;
+ lh->num_alloc_nodes=j;
+ lh->num_expand_reallocs++;
+ lh->p=0;
+ lh->b=n;
+ }
+
lh->num_nodes++;
lh->num_expands++;
- p=(int)lh->p++;
n1= &(lh->b[p]);
- n2= &(lh->b[p+(int)lh->pmax]);
+ n2= &(lh->b[p+pmax]);
*n2=NULL; /* 27/07/92 - eay - undefined pointer bug */
- nni=lh->num_alloc_nodes;

for (np= *n1; np != NULL; )
{
@@ -335,35 +359,14 @@
np= *n1;
}

- if ((lh->p) >= lh->pmax)
- {
- j=(int)lh->num_alloc_nodes*2;
- n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
- (int)(sizeof(LHASH_NODE *)*j));
- if (n == NULL)
- {
-/* fputs("realloc error in lhash",stderr); */
- lh->error++;
- lh->p=0;
- return;
- }
- /* else */
- for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
- n[i]=NULL; /* 02/03/92 eay */
- lh->pmax=lh->num_alloc_nodes;
- lh->num_alloc_nodes=j;
- lh->num_expand_reallocs++;
- lh->p=0;
- lh->b=n;
- }
}

static void contract(LHASH *lh)
{
LHASH_NODE **n,*n1,*np;
+ int idx = lh->p+lh->pmax-1;

- np=lh->b[lh->p+lh->pmax-1];
- lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
+ np=lh->b[idx];
if (lh->p == 0)
{
n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
@@ -383,6 +386,7 @@
else
lh->p--;

+ lh->b[idx] = NULL;
lh->num_nodes--;
lh->num_contracts++;

diff -ur openssl-0.9.8l/crypto/rsa/rsa_eng.c openssl-0.9.8l-patched//crypto/rsa/rsa_eng.c
--- openssl-0.9.8l/crypto/rsa/rsa_eng.c Tue Sep 16 16:55:26 2008
+++ openssl-0.9.8l-patched//crypto/rsa/rsa_eng.c Tue Dec 8 12:31:24 2009
@@ -208,7 +208,16 @@
ret->mt_blinding=NULL;
ret->bignum_data=NULL;
ret->flags=ret->meth->flags;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
+ {
+#ifndef OPENSSL_NO_ENGINE
+ if (ret->engine)
+ ENGINE_finish(ret->engine);
+#endif
+ OPENSSL_free(ret);
+ return(NULL);
+ }
+
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
#ifndef OPENSSL_NO_ENGINE
diff -ur openssl-0.9.8l/crypto/x509/x509_lu.c openssl-0.9.8l-patched//crypto/x509/x509_lu.c
--- openssl-0.9.8l/crypto/x509/x509_lu.c Wed May 11 05:45:35 2005
+++ openssl-0.9.8l-patched//crypto/x509/x509_lu.c Tue Dec 8 12:06:21 2009
@@ -198,7 +198,13 @@
ret->cert_crl = 0;
ret->cleanup = 0;

- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
+ {
+ sk_X509_OBJECT_free(ret->objs);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+
ret->references=1;
return ret;
}

Re: [openssl.org #2121] [PATCH] DTLS extensions

2009-12-07T07:40:22Z

On Dec 7, 2009, at 4:06 PM, Stephen Henson via RT wrote:

>> [seggelmann@... - Thu Dec 03 20:54:44 2009]:
>>
>> This patch enables the servername, renegotiation and session ticket
>> extensions for DTLS. The TLS code is reused and my former separate
>> implementation of the renegotiation extension removed. The other
>> not yet implemented extensions are disabled.
>>
>
> Thanks. I note that the functions dtls1_send_newsession_ticket and
> tl1s_send_newsession_ticket() are very similar. Could we further reduce
> code duplication by having one version which checks the version and does
> the right thing?

I decided to duplicate it because the header is different for DTLS, and therefore several lenghts and buffer positions differ all across the function. That'd require many checks, and that's probably the reason why all message assembling functions are duplicated for DTLS while the receiving ones are the same.

I just noticed that in the submitted patch the declaration of dtls1_send_newsession_ticket() is missing. That'd be:

--- ssl/ssl_locl.h 2009-11-09 19:58:50.000000000 +0100
+++ ssl/ssl_locl.h 2009-12-07 11:21:16.000000000 +0100
@@ -949,6 +949,7 @@
void dtls1_stop_timer(SSL *s);
int dtls1_is_timer_expired(SSL *s);
void dtls1_double_timeout(SSL *s);
+int dtls1_send_newsession_ticket(SSL *s);

/* some client-only functions */

Regards,
Robin

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2121] [PATCH] DTLS extensions

2009-12-07T07:06:01Z

> [seggelmann@... - Thu Dec 03 20:54:44 2009]:
>
> This patch enables the servername, renegotiation and session ticket
> extensions for DTLS. The TLS code is reused and my former separate
> implementation of the renegotiation extension removed. The other
> not yet implemented extensions are disabled.
>

Thanks. I note that the functions dtls1_send_newsession_ticket and
tl1s_send_newsession_ticket() are very similar. Could we further reduce
code duplication by having one version which checks the version and does
the right thing?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

[openssl.org #2122] bug report

2009-12-07T06:36:44Z

> [gpk32@... - Thu Dec 03 20:55:37 2009]:
>
> Hi,
> am I missing something or following source code shows an OpenSSL
> bug
> (duplication is not well performed) ?
>

Your problem is accessing the structures directly. This should be
avoided where possible as it can produce misleading results, the "sn"
field is only currently set if the OID is directly initialised from the
registered table, duplicated OIDs wont have it set.

If instead of accessing "sn" you use OBJ_nid2sn(OBJ_nid2obj(oid)) you
get the correct result.

Note that you can also avoid accessing the X509_ALGOR directly by using
X509_ALGOR_get0().

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

Re: EVP_SignFinal dramatically slow

2009-12-05T23:37:26Z

Thank your help, Kirk.
i have solved this problem now. the big difference of time is consumed by dll loading. So the benchmark is correct. thank you
armstrong
2009-12-06

Kirk81 wrote:

armstrong wrote:

Hi
Is someone here can help me? I am using "EVP Public Key Interface" to sign and verify some digital signatures. And i find the call to "EVP_SignFinal" is very slow.

In the test, RSA1024-SHA1 was used, the call to "EVP_SignFinal" consuming almost 0.19~0.2 second.

In contrast to the openssl benchmark(i.e openssl speed rsa1024), the benchmark reports 'rsa 1024 bit' sign operation only take 0.002s(approximate) on my computer. This result is close to my call to RSA_sign directly.

Hi,

I've created a RSA application for MVS: RSA-1024 with SHA56 using the native functions (RSA_sign, SHA256, ...). Here u can find the code:

rsa.cpp

With an IA-32 Pentium M 1.5 GHz, I'm in the order of milliseconds:
- signature: 3.6 ms
- verify: 0.19 ms

Now you can try the EVP interface.

Kirk

Re: openssl-0.9.8a - Why does the UNIX process display [error:00000000:lib(0):func(0):reason(0)]?

2009-12-04T19:36:08Z

Thank you Dave for your response.
Let me try using SSL_get_error() as you described to see what information it
gives me.
-sal

--------------------------------------------------
From: "Dave Thompson" <dave.thompson@...>
Sent: Friday, December 04, 2009 7:58 PM
To: <openssl-dev@...>
Subject: RE: openssl-0.9.8a - Why does the UNIX process display
[error:00000000:lib(0):func(0):reason(0)]?

>> From: owner-openssl-dev@... On Behalf Of Salvatore DeGrezia
>> Sent: Thursday, 03 December, 2009 15:05
>
>> I have written a simple Winform application (based on .NET Framework
> 2.0) that
>> tries to establish an SSL connection with a server-side UNIX (SunOS
> version 5.10) process
>> that is using openssl-0.9.8a. When i run the application, the UNIX
> process
>> displays the following message
> "[error:00000000:lib(0):func(0):reason(0)]"
>> when it calls the SSL_accept() call.
> <snip>
>> int err = SSL_accept((SSL *)SockObj->SSLCtx);
> ...
>
> SSL_accept() itself should not display anything (in a normal build).
> There must be some code in your "..." (or later) that displays this.
>
> If it is trying to decode-and-display the returned value from
> SSL_accept(),
> i.e. the value in err, that is wrong, and could produce this useless
> result.
>
> After a <=0 return from SSL_accept (and several other, see the man page)
> your code should call SSL_get_error() to determine whether this was:
>
> - a protocol error (SSL_ERROR_SSL) in which case you should display
> the OpenSSL error queue (call ERR_get_error, preferably decode and
> display the result, loop until zero; or just call ERR_print_errors*)
>
> - an underlying communications error (SSL_ERROR_SYSCALL) in which case
> the man page says there *may* be an error queue (but I've never seen it)
> and if not you should display the (real operation) return value and
> Unix errno (preferably explained with perror() or strerror() etc.)
> (or Windows WSAGetLastError(), not quite as easy to explain)
>
> - a nonblocking operation that needs to be rescheduled (SSL_WANT_READ
> etc.)
> but if you are using nonblocking and your code doesn't already handle
> these
> it won't ever work or ever have worked, and you would have noticed
>
> PS- 0.9.8a is pretty old. That may or may not matter to your problem.
>
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List openssl-dev@...
> Automated List Manager majordomo@...
>

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

RE: openssl-0.9.8a - Why does the UNIX process display [error:00000000:lib(0):func(0):reason(0)]?

2009-12-04T16:58:51Z

> From: owner-openssl-dev@... On Behalf Of Salvatore DeGrezia
> Sent: Thursday, 03 December, 2009 15:05

> I have written a simple Winform application (based on .NET Framework
2.0) that
> tries to establish an SSL connection with a server-side UNIX (SunOS
version 5.10) process
> that is using openssl-0.9.8a. When i run the application, the UNIX
process
> displays the following message
"[error:00000000:lib(0):func(0):reason(0)]"
> when it calls the SSL_accept() call.
<snip>
> int err = SSL_accept((SSL *)SockObj->SSLCtx);
...

SSL_accept() itself should not display anything (in a normal build).
There must be some code in your "..." (or later) that displays this.

If it is trying to decode-and-display the returned value from SSL_accept(),
i.e. the value in err, that is wrong, and could produce this useless result.

After a <=0 return from SSL_accept (and several other, see the man page)
your code should call SSL_get_error() to determine whether this was:

- a protocol error (SSL_ERROR_SSL) in which case you should display
the OpenSSL error queue (call ERR_get_error, preferably decode and
display the result, loop until zero; or just call ERR_print_errors*)

- an underlying communications error (SSL_ERROR_SYSCALL) in which case
the man page says there *may* be an error queue (but I've never seen it)
and if not you should display the (real operation) return value and
Unix errno (preferably explained with perror() or strerror() etc.)
(or Windows WSAGetLastError(), not quite as easy to explain)

- a nonblocking operation that needs to be rescheduled (SSL_WANT_READ etc.)
but if you are using nonblocking and your code doesn't already handle these
it won't ever work or ever have worked, and you would have noticed

PS- 0.9.8a is pretty old. That may or may not matter to your problem.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...

proposed patch for WINCE to the latest openssl cvs

2009-12-04T02:08:15Z

hi,
i've made this patch to compile the latest openssl cvs on WINCE. i've
succesfully compiled the these dlls on Windows Mobile 6.x :
04/12/2009 10:49 1.222.144 libeay32.dll
04/12/2009 10:49 258.560 ssleay32.dll
04/12/2009 10:49 12.288 4758cca.dll
04/12/2009 10:49 10.752 aep.dll
04/12/2009 10:49 8.704 atalla.dll
04/12/2009 10:49 13.824 cswift.dll
04/12/2009 10:49 4.096 gmp.dll
04/12/2009 10:49 15.360 chil.dll
04/12/2009 10:49 7.168 nuron.dll
04/12/2009 10:49 15.872 sureware.dll
04/12/2009 10:49 12.288 ubsec.dll
04/12/2009 10:49 4.096 padlock.dll
compiled using nmake -f /ms/cedll.mak using these patches (just a
bunch of includes and fixing outdated stuff like winsock.lib instead
of ws2.lib). I'm using the WceCompat library, of which i'm a
contributor, so my patches are only related to compiling on WINCE
using that libc extension.

regards,
valerio

===================================================================
RCS file: /v/openssl/cvs/openssl/e_os.h,v
retrieving revision 1.100
diff -u -r1.100 e_os.h
--- e_os.h 26 Aug 2009 15:15:14 -0000 1.100
+++ e_os.h 4 Dec 2009 04:58:56 -0000
@@ -499,7 +499,8 @@
# endif
# if !defined(IPPROTO_IP)
/* winsock[2].h was included already? */
-# include <winsock.h>
+# include <winsock2.h>
+# include <ws2tcpip.h>
# endif
# ifdef getservbyname
# undef getservbyname
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/bio/bss_fd.c,v
retrieving revision 1.7
diff -u -r1.7 bss_fd.c
--- crypto/bio/bss_fd.c 12 Feb 2006 23:11:30 -0000 1.7
+++ crypto/bio/bss_fd.c 4 Dec 2009 05:15:31 -0000
@@ -64,8 +64,26 @@
#if defined(OPENSSL_NO_POSIX_IO)
/*
* One can argue that one should implement dummy placeholder for
- * BIO_s_fd here...
+ * BIO_s_fd here... NEEDED for WINCE
*/
+ BIO *BIO_new_fd(int fd,int close_flag)
+ {
+ return NULL;
+ }
+ int BIO_fd_non_fatal_error(int err)
+ {
+ return 0;
+ }
+ int BIO_fd_should_retry(int i)
+ {
+ return 0;
+ }
+
+ BIO_METHOD *BIO_s_fd(void)
+ {
+ return NULL;
+ }
+
#else
/*
* As for unconditional usage of "UPLINK" interface in this module.
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/cms/cms.h,v
retrieving revision 1.29
diff -u -r1.29 cms.h
--- crypto/cms/cms.h 26 Nov 2009 18:57:39 -0000 1.29
+++ crypto/cms/cms.h 4 Dec 2009 05:10:10 -0000
@@ -55,6 +55,7 @@
#ifndef HEADER_CMS_H
#define HEADER_CMS_H

+#include <e_os.h>
#include <openssl/x509.h>

#ifdef OPENSSL_NO_CMS
===================================================================
RCS file: /v/openssl/cvs/openssl/util/pl/VC-32.pl,v
retrieving revision 1.63
diff -u -r1.63 VC-32.pl
--- util/pl/VC-32.pl 19 Nov 2009 22:29:03 -0000 1.63
+++ util/pl/VC-32.pl 4 Dec 2009 07:20:22 -0000
@@ -99,7 +99,7 @@
}

$cc='$(CC)';
- $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE
-DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32
-DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
+ $base_cflags=' /W3 /GF /Gy /nologo -DUNICODE -D_UNICODE
-DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32
-DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
$base_cflags.=" $wcecdefs";
$base_cflags.=' -I$(WCECOMPAT)/include' if (defined($ENV{'WCECOMPAT'}));
$base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include' if
(defined($ENV{'PORTSDK_LIBPATH'}));
@@ -143,12 +143,12 @@
$efile="/out:";
$exep='.exe';
if ($no_sock) { $ex_libs=''; }
-elsif ($FLAVOR =~ /CE/) { $ex_libs='winsock.lib'; }
+elsif ($FLAVOR =~ /CE/) { $ex_libs='ws2.lib'; }
else { $ex_libs='ws2_32.lib'; }

if ($FLAVOR =~ /CE/)
{
- $ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib' if (defined($ENV{'WCECOMPAT'}));
+ $ex_libs.=' /NODEFAULTLIB:oldnames.lib coredll.lib corelibc.lib
$(WCECOMPAT)/lib/wcecompat.lib' if (defined($ENV{'WCECOMPAT'}));
$ex_libs.=' $(PORTSDK_LIBPATH)/portlib.lib' if
(defined($ENV{'PORTSDK_LIBPATH'}));
$ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if
($ENV{'TARGETCPU'} eq "X86");
}
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@...
Automated List Manager majordomo@...